SOL-11.1-090100 - The operating system must prevent the execution of prohibited mobile code.

Information

Decisions regarding the employment of mobile code within operating systems are based on the potential for the code to cause damage to the system if used maliciously.

Mobile code technologies include Java, JavaScript, ActiveX, PDF, Postscript, Shockwave movies, Flash animations, and VBScript. Usage restrictions and implementation guidance apply to both the selection and use of mobile code installed on organizational servers and mobile code downloaded and executed on individual workstations.

Solution

In the address bar type: about:config

Click on 'I accept the risk' button.

In search bar type: javascript.enabled

Double click on the javascript.enabled and Value true will change to false.

In the address bar type: about:addons

Click on 'Plugins'.

If Java is displayed, disable Java by clicking on the
Never Activate selection

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SOL_11_SPARC_V3R1_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(3), CAT|II, CCI|CCI-001695, Rule-ID|SV-216464r958544_rule, STIG-ID|SOL-11.1-090100, STIG-Legacy|SV-60841, STIG-Legacy|V-47969, Vuln-ID|V-216464

Plugin: Unix

Control ID: f2027e868bd3028576edd2bfaee23f39b9f1e4f367783b8b26274e2bb752b2c0