The operating system must prevent the execution of prohibited mobile code.

An XCCDF Rule

Description

<VulnDiscussion>Decisions regarding the employment of mobile code within operating systems are based on the potential for the code to cause damage to the system if used maliciously. Mobile code technologies include Java, JavaScript, ActiveX, PDF, Postscript, Shockwave movies, Flash animations, and VBScript. Usage restrictions and implementation guidance apply to both the selection and use of mobile code installed on organizational servers and mobile code downloaded and executed on individual workstations.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-216228r958544_rule
Severity: Medium
References: CCI-001695
Updated: 17 days ago

In the address bar type: about:config

Click on "I accept the risk" button.

In search bar type: javascript.enabled
Double click on the javascript.enabled and Value true will change to false.

In the address bar type: about:addons

Click on "Plugins".

If Java is displayed, disable Java by clicking on the 
Never Activate selection

The operating system must prevent the execution of prohibited mobile code.

Description

Remediation - Manual Procedure