| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-251545 | CAT I | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | The installed version of Firefox must be supported... | - | |||
Check TextRun Firefox. Click the ellipsis button >> Help >> About Firefox, and view the version number. If the Firefox version is not a supported version, this is a finding. Fix TextUpgrade the version of the browser to an approved version by obtaining software from the vendor or other trusted source. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: CDA64C53C50F058D63F08C3F6AD2DAD12183D817 ~~~~~ Apps and Features entries for Firefox: Name: Mozilla Firefox ESR (x64 en-US) Version: 140.4.0 Path: C:\Program Files\Mozilla Firefox
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251545 | CAT I | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | The installed version of Firefox must be supported... | - | |||
Check TextRun Firefox. Click the ellipsis button >> Help >> About Firefox, and view the version number. If the Firefox version is not a supported version, this is a finding. Fix TextUpgrade the version of the browser to an approved version by obtaining software from the vendor or other trusted source. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: CDA64C53C50F058D63F08C3F6AD2DAD12183D817 ~~~~~ Apps and Features entries for Firefox: Name: Mozilla Firefox ESR (x64 en-US) Version: 140.4.0 Path: C:\Program Files\Mozilla Firefox
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251545 | CAT I | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | The installed version of Firefox must be supported... | - | |||
Check TextRun Firefox. Click the ellipsis button >> Help >> About Firefox, and view the version number. If the Firefox version is not a supported version, this is a finding. Fix TextUpgrade the version of the browser to an approved version by obtaining software from the vendor or other trusted source. Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) was unable to determine a Status but found the below configuration on 12/17/2025: ResultHash: 0FCC0348AFE2E97D141B22373B94B72CEE381353 ~~~~~ Apps and Features entries for Firefox: Name: Mozilla Firefox ESR (x64 en-US) Version: 140.6.0 Path: C:\Program Files\Mozilla Firefox
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251545 | CAT I | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | The installed version of Firefox must be supported... | - | |||
Check TextRun Firefox. Click the ellipsis button >> Help >> About Firefox, and view the version number. If the Firefox version is not a supported version, this is a finding. Fix TextUpgrade the version of the browser to an approved version by obtaining software from the vendor or other trusted source. Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) was unable to determine a Status but found the below configuration on 12/17/2025: ResultHash: 0FCC0348AFE2E97D141B22373B94B72CEE381353 ~~~~~ Apps and Features entries for Firefox: Name: Mozilla Firefox ESR (x64 en-US) Version: 140.6.0 Path: C:\Program Files\Mozilla Firefox
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251546 | CAT I | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to allow only TLS 1.2 o... | - | |||
Check TextType "about:policies" in the browser window. If "SSLVersionMin" is not displayed under Policy Name or the Policy Value is not "tls1.2" or "tls1.3", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Minimum SSL version enabled Policy State: Enabled Policy Value: TLS 1.2 (or TLS 1.3) macOS "plist" file: Add the following: <key>SSLVersionMin</key> <string>tls1.2</string> (or <string>tls1.3</string>) Linux "policies.json" file: Add the following in the policies section: "SSLVersionMin": "tls1.2" or ("SSLVersionMin": "tls1.3") Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4A1B334B1277709B8C673DCF44E7FB095B1934FF ~~~~~ 'Minimum SSL version enabled' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: SSLVersionMin Value: tls1.2 Type: REG_SZ
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251546 | CAT I | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to allow only TLS 1.2 o... | - | |||
Check TextType "about:policies" in the browser window. If "SSLVersionMin" is not displayed under Policy Name or the Policy Value is not "tls1.2" or "tls1.3", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Minimum SSL version enabled Policy State: Enabled Policy Value: TLS 1.2 (or TLS 1.3) macOS "plist" file: Add the following: <key>SSLVersionMin</key> <string>tls1.2</string> (or <string>tls1.3</string>) Linux "policies.json" file: Add the following in the policies section: "SSLVersionMin": "tls1.2" or ("SSLVersionMin": "tls1.3") Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4A1B334B1277709B8C673DCF44E7FB095B1934FF ~~~~~ 'Minimum SSL version enabled' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: SSLVersionMin Value: tls1.2 Type: REG_SZ
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251546 | CAT I | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to allow only TLS 1.2 o... | - | |||
Check TextType "about:policies" in the browser window. If "SSLVersionMin" is not displayed under Policy Name or the Policy Value is not "tls1.2" or "tls1.3", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Minimum SSL version enabled Policy State: Enabled Policy Value: TLS 1.2 (or TLS 1.3) macOS "plist" file: Add the following: <key>SSLVersionMin</key> <string>tls1.2</string> (or <string>tls1.3</string>) Linux "policies.json" file: Add the following in the policies section: "SSLVersionMin": "tls1.2" or ("SSLVersionMin": "tls1.3") Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4A1B334B1277709B8C673DCF44E7FB095B1934FF ~~~~~ 'Minimum SSL version enabled' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: SSLVersionMin Value: tls1.2 Type: REG_SZ
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251546 | CAT I | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to allow only TLS 1.2 o... | - | |||
Check TextType "about:policies" in the browser window. If "SSLVersionMin" is not displayed under Policy Name or the Policy Value is not "tls1.2" or "tls1.3", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Minimum SSL version enabled Policy State: Enabled Policy Value: TLS 1.2 (or TLS 1.3) macOS "plist" file: Add the following: <key>SSLVersionMin</key> <string>tls1.2</string> (or <string>tls1.3</string>) Linux "policies.json" file: Add the following in the policies section: "SSLVersionMin": "tls1.2" or ("SSLVersionMin": "tls1.3") Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4A1B334B1277709B8C673DCF44E7FB095B1934FF ~~~~~ 'Minimum SSL version enabled' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: SSLVersionMin Value: tls1.2 Type: REG_SZ
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251547 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to ask which certificat... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name and the Policy Value does not include "security.default_personal_cert" with a value of "Ask Every Time" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>security.default_personal_cert</key> <dict> <key>Value</key> <string>Ask Every Time</string> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 91E48F7518473AE7664AF990CFB3CC78C5C05C36 ~~~~~ 'Preferences' is Enabled: security.default_personal_cert Value: Ask Every Time Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251547 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to ask which certificat... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name and the Policy Value does not include "security.default_personal_cert" with a value of "Ask Every Time" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>security.default_personal_cert</key> <dict> <key>Value</key> <string>Ask Every Time</string> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 91E48F7518473AE7664AF990CFB3CC78C5C05C36 ~~~~~ 'Preferences' is Enabled: security.default_personal_cert Value: Ask Every Time Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251547 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to ask which certificat... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name and the Policy Value does not include "security.default_personal_cert" with a value of "Ask Every Time" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>security.default_personal_cert</key> <dict> <key>Value</key> <string>Ask Every Time</string> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251547 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to ask which certificat... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name and the Policy Value does not include "security.default_personal_cert" with a value of "Ask Every Time" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>security.default_personal_cert</key> <dict> <key>Value</key> <string>Ask Every Time</string> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251548 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ch... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "browser.search.update" with a value of "false" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "browser.search.update": { "Value": false, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>browser.search.update</key> <dict> <key>Value</key> <false/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "browser.search.update": { "Value": false, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 06810F281F578C0914F4654F9C6124808F7ACCD2 ~~~~~ 'Preferences' is Enabled: browser.search.update Value: False Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251548 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ch... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "browser.search.update" with a value of "false" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "browser.search.update": { "Value": false, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>browser.search.update</key> <dict> <key>Value</key> <false/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "browser.search.update": { "Value": false, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 06810F281F578C0914F4654F9C6124808F7ACCD2 ~~~~~ 'Preferences' is Enabled: browser.search.update Value: False Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251548 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ch... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "browser.search.update" with a value of "false" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "browser.search.update": { "Value": false, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>browser.search.update</key> <dict> <key>Value</key> <false/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "browser.search.update": { "Value": false, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251548 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ch... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "browser.search.update" with a value of "false" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "browser.search.update": { "Value": false, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>browser.search.update</key> <dict> <key>Value</key> <false/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "browser.search.update": { "Value": false, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251549 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically up... | - | |||
Check TextType "about:policies" in the browser window. If "ExtensionUpdate" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Extensions Policy Name: Extension Update Policy State: Disabled macOS "plist" file: Add the following: <key>ExtensionUpdate</key> <false/> Linux "policies.json" file: Add the following in the policies section: "ExtensionUpdate": false Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F793F59E04C568231872AC49A83EE930422DFE9D ~~~~~ 'Extension Update' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: ExtensionUpdate Value: 0x00000000 (0) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251549 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically up... | - | |||
Check TextType "about:policies" in the browser window. If "ExtensionUpdate" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Extensions Policy Name: Extension Update Policy State: Disabled macOS "plist" file: Add the following: <key>ExtensionUpdate</key> <false/> Linux "policies.json" file: Add the following in the policies section: "ExtensionUpdate": false Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F793F59E04C568231872AC49A83EE930422DFE9D ~~~~~ 'Extension Update' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: ExtensionUpdate Value: 0x00000000 (0) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251549 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically up... | - | |||
Check TextType "about:policies" in the browser window. If "ExtensionUpdate" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Extensions Policy Name: Extension Update Policy State: Disabled macOS "plist" file: Add the following: <key>ExtensionUpdate</key> <false/> Linux "policies.json" file: Add the following in the policies section: "ExtensionUpdate": false Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F793F59E04C568231872AC49A83EE930422DFE9D ~~~~~ 'Extension Update' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: ExtensionUpdate Value: 0x00000000 (0) Type: REG_DWORD
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251549 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically up... | - | |||
Check TextType "about:policies" in the browser window. If "ExtensionUpdate" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Extensions Policy Name: Extension Update Policy State: Disabled macOS "plist" file: Add the following: <key>ExtensionUpdate</key> <false/> Linux "policies.json" file: Add the following in the policies section: "ExtensionUpdate": false Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F793F59E04C568231872AC49A83EE930422DFE9D ~~~~~ 'Extension Update' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: ExtensionUpdate Value: 0x00000000 (0) Type: REG_DWORD
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251550 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ex... | - | |||
Check TextType "about:preferences" in the browser address bar. Type "Applications" in the Find bar in the upper-right corner. Determine if any of the following file extensions are listed: HTA, JSE, JS, MOCHA, SHS, VBE, VBS, SCT, WSC, FDF, XFDF, LSL, LSO, LSS, IQY, RQY, DOS, BAT, PS, EPS, WCH, WCM, WB1, WB3, WCH, WCM, AD. If the entry exists and the "Action" is "Save File" or "Always Ask", this is not a finding. If an extension exists and the entry in the Action column is associated with an application that does/can execute the code, this is a finding. Fix TextRemove any unauthorized extensions from the auto-download list. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\W.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1106 ResultHash: FDD7EC120C3A7E53B1B2F0B1FE803C005523274E ~~~~~ None of the extensions in question are configured.
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251550 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ex... | - | |||
Check TextType "about:preferences" in the browser address bar. Type "Applications" in the Find bar in the upper-right corner. Determine if any of the following file extensions are listed: HTA, JSE, JS, MOCHA, SHS, VBE, VBS, SCT, WSC, FDF, XFDF, LSL, LSO, LSS, IQY, RQY, DOS, BAT, PS, EPS, WCH, WCM, WB1, WB3, WCH, WCM, AD. If the entry exists and the "Action" is "Save File" or "Always Ask", this is not a finding. If an extension exists and the entry in the Action column is associated with an application that does/can execute the code, this is a finding. Fix TextRemove any unauthorized extensions from the auto-download list. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: FDD7EC120C3A7E53B1B2F0B1FE803C005523274E ~~~~~ None of the extensions in question are configured.
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251550 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ex... | - | |||
Check TextType "about:preferences" in the browser address bar. Type "Applications" in the Find bar in the upper-right corner. Determine if any of the following file extensions are listed: HTA, JSE, JS, MOCHA, SHS, VBE, VBS, SCT, WSC, FDF, XFDF, LSL, LSO, LSS, IQY, RQY, DOS, BAT, PS, EPS, WCH, WCM, WB1, WB3, WCH, WCM, AD. If the entry exists and the "Action" is "Save File" or "Always Ask", this is not a finding. If an extension exists and the entry in the Action column is associated with an application that does/can execute the code, this is a finding. Fix TextRemove any unauthorized extensions from the auto-download list. Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 51FD6061F9FF59F75E48142A30E35B649C2E6863 ~~~~~ Evaluate-STIG intended to utilize MONT-SW-89108\Scan.Admin, but the user has NOT utilized Firefox on this system. User Profile Evaluated: MONT-SW-89108\dod_admin None of the extensions in question are configured.
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251550 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not automatically ex... | - | |||
Check TextType "about:preferences" in the browser address bar. Type "Applications" in the Find bar in the upper-right corner. Determine if any of the following file extensions are listed: HTA, JSE, JS, MOCHA, SHS, VBE, VBS, SCT, WSC, FDF, XFDF, LSL, LSO, LSS, IQY, RQY, DOS, BAT, PS, EPS, WCH, WCM, WB1, WB3, WCH, WCM, AD. If the entry exists and the "Action" is "Save File" or "Always Ask", this is not a finding. If an extension exists and the entry in the Action column is associated with an application that does/can execute the code, this is a finding. Fix TextRemove any unauthorized extensions from the auto-download list. Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 Username: MONT-SW-89134\dod_admin UserSID: S-1-5-21-4004422625-1934610219-1178763574-1001 ResultHash: FDD7EC120C3A7E53B1B2F0B1FE803C005523274E ~~~~~ None of the extensions in question are configured.
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251551 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable form fill as... | - | |||
Check TextType "about:policies" in the browser window. If "DisableFormHistory" is not displayed under Policy Name or the Policy Value is not "true", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: Disable Form History Policy State: Enabled macOS "plist" file: Add the following: <key>DisableFormHistory</key> <true/> Linux "policies.json" file: Add the following in the policies section: "DisableFormHistory": true Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9179F895F1390903A0B414F114CDB25AC3EE064D ~~~~~ 'Disable Form History' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: DisableFormHistory Value: 0x00000001 (1) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251551 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable form fill as... | - | |||
Check TextType "about:policies" in the browser window. If "DisableFormHistory" is not displayed under Policy Name or the Policy Value is not "true", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: Disable Form History Policy State: Enabled macOS "plist" file: Add the following: <key>DisableFormHistory</key> <true/> Linux "policies.json" file: Add the following in the policies section: "DisableFormHistory": true Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9179F895F1390903A0B414F114CDB25AC3EE064D ~~~~~ 'Disable Form History' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: DisableFormHistory Value: 0x00000001 (1) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251551 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable form fill as... | - | |||
Check TextType "about:policies" in the browser window. If "DisableFormHistory" is not displayed under Policy Name or the Policy Value is not "true", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: Disable Form History Policy State: Enabled macOS "plist" file: Add the following: <key>DisableFormHistory</key> <true/> Linux "policies.json" file: Add the following in the policies section: "DisableFormHistory": true Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 9179F895F1390903A0B414F114CDB25AC3EE064D ~~~~~ 'Disable Form History' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: DisableFormHistory Value: 0x00000001 (1) Type: REG_DWORD
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251551 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable form fill as... | - | |||
Check TextType "about:policies" in the browser window. If "DisableFormHistory" is not displayed under Policy Name or the Policy Value is not "true", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: Disable Form History Policy State: Enabled macOS "plist" file: Add the following: <key>DisableFormHistory</key> <true/> Linux "policies.json" file: Add the following in the policies section: "DisableFormHistory": true Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 9179F895F1390903A0B414F114CDB25AC3EE064D ~~~~~ 'Disable Form History' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: DisableFormHistory Value: 0x00000001 (1) Type: REG_DWORD
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251552 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not use a password s... | - | |||
Check TextType "about:policies" in the browser window. If "PasswordManagerEnabled" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: PasswordManager Policy State: Disabled macOS "plist" file: Add the following: <key>PasswordManagerEnabled</key> <false/> Linux "policies.json" file: Add the following in the policies section: "PasswordManagerEnabled": false Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F9A42EA4C5CB40341BAB7120CDF0CA084C1B947E ~~~~~ 'Password Manager' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: PasswordManagerEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251552 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not use a password s... | - | |||
Check TextType "about:policies" in the browser window. If "PasswordManagerEnabled" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: PasswordManager Policy State: Disabled macOS "plist" file: Add the following: <key>PasswordManagerEnabled</key> <false/> Linux "policies.json" file: Add the following in the policies section: "PasswordManagerEnabled": false Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: F9A42EA4C5CB40341BAB7120CDF0CA084C1B947E ~~~~~ 'Password Manager' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: PasswordManagerEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251552 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not use a password s... | - | |||
Check TextType "about:policies" in the browser window. If "PasswordManagerEnabled" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: PasswordManager Policy State: Disabled macOS "plist" file: Add the following: <key>PasswordManagerEnabled</key> <false/> Linux "policies.json" file: Add the following in the policies section: "PasswordManagerEnabled": false Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F9A42EA4C5CB40341BAB7120CDF0CA084C1B947E ~~~~~ 'Password Manager' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: PasswordManagerEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251552 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to not use a password s... | - | |||
Check TextType "about:policies" in the browser window. If "PasswordManagerEnabled" is not displayed under Policy Name or the Policy Value is not "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: PasswordManager Policy State: Disabled macOS "plist" file: Add the following: <key>PasswordManagerEnabled</key> <false/> Linux "policies.json" file: Add the following in the policies section: "PasswordManagerEnabled": false Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: F9A42EA4C5CB40341BAB7120CDF0CA084C1B947E ~~~~~ 'Password Manager' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: PasswordManagerEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251553 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to block pop-up windows... | - | |||
Check TextType "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be OPEN on 10/23/2025 ResultHash: D7E7F097AAE9B8E85E5D5E6C0ED9A8811FB0F349 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is NOT Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked (Not found) -----------------------------------------------------------------------
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251553 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to block pop-up windows... | - | |||
Check TextType "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be OPEN on 10/23/2025 ResultHash: D7E7F097AAE9B8E85E5D5E6C0ED9A8811FB0F349 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is NOT Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked (Not found) -----------------------------------------------------------------------
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251553 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to block pop-up windows... | - | |||
Check TextType "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 79D13E0D5E08D476288AC1ACC76FD0D293699304 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked Value: 0x00000001 (1) Type: REG_DWORD -----------------------------------------------------------------------
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251553 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to block pop-up windows... | - | |||
Check TextType "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 79D13E0D5E08D476288AC1ACC76FD0D293699304 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked Value: 0x00000001 (1) Type: REG_DWORD -----------------------------------------------------------------------
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251554 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_move_resize" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_move_resize</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 89EC26540C357A3AA17CB6ACC509E10D4B721BD0 ~~~~~ 'Preferences' is Enabled: dom.disable_window_move_resize Value: True Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251554 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_move_resize" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_move_resize</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 89EC26540C357A3AA17CB6ACC509E10D4B721BD0 ~~~~~ 'Preferences' is Enabled: dom.disable_window_move_resize Value: True Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251554 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_move_resize" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_move_resize</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251554 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_move_resize" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_move_resize</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_move_resize": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251555 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_flip" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_flip</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3F867D7F319A1124DB9134388A49E4C3A4649CB0 ~~~~~ 'Preferences' is Enabled: dom.disable_window_flip Value: True Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251555 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_flip" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_flip</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3F867D7F319A1124DB9134388A49E4C3A4649CB0 ~~~~~ 'Preferences' is Enabled: dom.disable_window_flip Value: True Status: locked Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event.contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } } Type: REG_MULTI_SZ
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251555 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_flip" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_flip</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251555 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to prevent JavaScript f... | - | |||
Check TextType "about:policies" in the browser address bar. If "Preferences" is not displayed under Policy Name or the Policy Value does not include "dom.disable_window_flip" with a value of "true" and status of "locked", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\ Policy Name: Preferences Policy State: Enabled Policy Value: { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } macOS "plist" file: Add the following: <key>Preferences</key> <dict> <key>dom.disable_window_flip</key> <dict> <key>Value</key> <true/> <key>Status</key> <string>locked</string> </dict> </dict> Linux "policies.json" file: Add the following in the policies section: "Preferences": { "dom.disable_window_flip": { "Value": true, "Status": "locked" } } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 37E00BCE4884B93709738FC53EBBE5D0402A7F99 ~~~~~ 'Preferences' is Enabled but not correct: Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: Preferences Value: <enabled/> <data id="JSON" value=' { "security.default_personal_cert": { "Value": "Ask Every Time", "Status": "locked" }, "browser.search.update": { "Value": false, "Status": "locked" }, "dom.disable_window_move_resize": { "Value": true, "Status": "locked" }, "dom.disable_window_flip": { "Value": true, "Status": "locked" }, "dom.event_contextmenu.enabled": { "Value": false, "Status": "locked" }, "browser.contentblocking.category": { "Value": "strict", "Status": "locked" }, "extensions.htmlaboutaddons.recommendations.enabled": { "Value": false, "Status": "locked" } }'/> Type: REG_MULTI_SZ
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251557 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable the installa... | - | |||
Check TextType "about:policies" in the browser address bar. If "InstallAddonsPermission" is not displayed under Policy Name or the Policy Value is not "Default" "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Addons Policy Name: Allow add-on installs from websites Policy State: Disabled macOS "plist" file: Add the following: <key>InstallAddonsPermission</key> <false/> Linux "policies.json" file: Add the following in the policies section: "InstallAddonsPermission": { "Default": false } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 0E7B81B53942ED296D25D3B0AD56B1D1F43C8811 ~~~~~ 'Allow add-on installs from websites' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\InstallAddonsPermission Name: Default Value: 0x00000000 (0) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251557 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable the installa... | - | |||
Check TextType "about:policies" in the browser address bar. If "InstallAddonsPermission" is not displayed under Policy Name or the Policy Value is not "Default" "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Addons Policy Name: Allow add-on installs from websites Policy State: Disabled macOS "plist" file: Add the following: <key>InstallAddonsPermission</key> <false/> Linux "policies.json" file: Add the following in the policies section: "InstallAddonsPermission": { "Default": false } Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 0E7B81B53942ED296D25D3B0AD56B1D1F43C8811 ~~~~~ 'Allow add-on installs from websites' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\InstallAddonsPermission Name: Default Value: 0x00000000 (0) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||
| V-251557 | CAT II | MONT-SW-89108 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable the installa... | - | |||
Check TextType "about:policies" in the browser address bar. If "InstallAddonsPermission" is not displayed under Policy Name or the Policy Value is not "Default" "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Addons Policy Name: Allow add-on installs from websites Policy State: Disabled macOS "plist" file: Add the following: <key>InstallAddonsPermission</key> <false/> Linux "policies.json" file: Add the following in the policies section: "InstallAddonsPermission": { "Default": false } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 0E7B81B53942ED296D25D3B0AD56B1D1F43C8811 ~~~~~ 'Allow add-on installs from websites' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\InstallAddonsPermission Name: Default Value: 0x00000000 (0) Type: REG_DWORD
Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl
Scan Date: 2026-03-04T15:25:15.868210
Technology Area: Windows Operating System
|
||||||||
| V-251557 | CAT II | MONT-SW-89134 | Mozilla Firefox Security Technical Imple... | Firefox must be configured to disable the installa... | - | |||
Check TextType "about:policies" in the browser address bar. If "InstallAddonsPermission" is not displayed under Policy Name or the Policy Value is not "Default" "false", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Addons Policy Name: Allow add-on installs from websites Policy State: Disabled macOS "plist" file: Add the following: <key>InstallAddonsPermission</key> <false/> Linux "policies.json" file: Add the following in the policies section: "InstallAddonsPermission": { "Default": false } Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 0E7B81B53942ED296D25D3B0AD56B1D1F43C8811 ~~~~~ 'Allow add-on installs from websites' is Disabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\InstallAddonsPermission Name: Default Value: 0x00000000 (0) Type: REG_DWORD
Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl
Scan Date: 2026-03-04T15:25:41.899130
Technology Area: Windows Operating System
|
||||||||
| V-251558 | CAT II | MONT-WS-92040 | Mozilla Firefox Security Technical Imple... | Background submission of information to Mozilla mu... | - | |||
Check TextType "about:policies" in the browser window. If "DisableTelemetry" is not displayed under Policy Name or the Policy Value is not "true", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: Disable Telemetry Policy State: Enabled macOS "plist" file: Add the following: <key>DisableTelemetry</key> <true/> Linux "policies.json" file: Add the following in the policies section: "DisableTelemetry": true Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 040661501711A5ABA042F5832E27758977494917 ~~~~~ 'Disable Telemetry' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: DisableTelemetry Value: 0x00000001 (1) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl
Scan Date: 2026-01-14T12:57:25.596878
Technology Area: Windows Operating System
|
||||||||
| V-251558 | CAT II | MONT-WS-92010 | Mozilla Firefox Security Technical Imple... | Background submission of information to Mozilla mu... | - | |||
Check TextType "about:policies" in the browser window. If "DisableTelemetry" is not displayed under Policy Name or the Policy Value is not "true", this is a finding. Fix TextWindows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox Policy Name: Disable Telemetry Policy State: Enabled macOS "plist" file: Add the following: <key>DisableTelemetry</key> <true/> Linux "policies.json" file: Add the following in the policies section: "DisableTelemetry": true Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 040661501711A5ABA042F5832E27758977494917 ~~~~~ 'Disable Telemetry' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox Name: DisableTelemetry Value: 0x00000001 (1) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl
Scan Date: 2026-01-14T12:57:27.870047
Technology Area: Windows Operating System
|
||||||||