[Mozilla Enterprise] Firefox ESR Upgrade Deletes Enterprise Policies
Eddie Rowe
eddie.rowe at tdhca.state.tx.us
Thu Aug 27 16:32:58 UTC 2020
I discovered today that Firefox ESR 68.12 and Firefox 78.2 may have logic built into the .EXE installer to delete folders on systems containing our enterprise policies. After applying the upgrade to a system I noticed the Enterprise policies were inactive. Dropping to the file system I noticed the C:\Program files\Mozilla Firefox\Distribution\ folder was missing. We use a third party tool to patch and I think it has its own issues with this release so all testing was done manually applying the .EXE upgrade.
Setup:
* Windows 10 x64
* Firefox ESR (we moved to 78 to I saw this with 78.2 and I tested 68.12 and duplicated the behavior)
* Policies.json file used
* Windows Group Policy Preference refreshes our Policies.json file
Steps to Reproduce:
1. Install/setup Firefox ESR 68.11 or 78.1 and verify policies.json file is in the proper folder and enterprise policies are applied ala about:policies
2. Launch the upgrade (.EXE installer) and as soon as the dialog appears "Doing a Little Housekeeping" you will notice the C:\Program files\Mozilla Firefox\Distribution\ disappears
3. Group Policy will eventually replace the files, but if the browser is closed and launched when the files are missing, all the hard work to harden Firefox goes by the wayside.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/enterprise/attachments/20200827/9555a0ce/attachment.html>
More information about the Enterprise
mailing list