Mozilla Firefox Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Firefox must be configured to not automatically update installed add-ons and plugins.
<VulnDiscussion>Set this to false to disable checking for updated versions of the Extensions/Themes. Automatic updates from untrusted sites p...Rule Medium Severity -
SRG-APP-000278
<GroupDescription></GroupDescription>Group -
Firefox must be configured to not automatically execute or download MIME types that are not authorized for auto-download.
<VulnDiscussion>Some files can be downloaded or execute without user interaction. This setting ensures these files are not downloaded and exe...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Firefox must be configured to disable form fill assistance.
<VulnDiscussion>To protect privacy and sensitive data, Firefox provides the ability to configure the program so that data entered into forms ...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Firefox must be configured to not automatically check for updated versions of installed search plugins.
<VulnDiscussion>Updates must be controlled and installed from authorized and trusted servers. This setting overrides a number of other settin...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
SRG-APP-000456
<GroupDescription></GroupDescription>Group -
The installed version of Firefox must be supported.
<VulnDiscussion>Using versions of an application that are not supported by the vendor is not permitted. Vendors respond to security flaws wit...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.