Disable EAF for firefox.exe as a part of the security baseline

Question

Hi!&nbsp;I'm working for Mozilla.&nbsp; We have https://bugzilla.mozilla.org/show_bug.cgi?id=1509748 that Firefox does not launch because EAF is turned on for firefox.exe by the customer's corporate IT policy.&nbsp; Since Firefox does not support EAF, what we can do is to ask customers to disable EAF, but they can't if they don't have admin rights.&nbsp;The current security baseline contains a script to disable EAF for several executables such as onedrive.exe or acrord32.&nbsp; Could you please add an entry to disable EAF for firefox.exe as well?&nbsp;I also confirmed Chrome (chrome.exe) and the new MS Edge (msedge.exe) has the same issue.&nbsp;Thanks,Toshihito

reza_ameri-archived · Answer

tokikuch&nbsp;
&nbsp;
You could configure Exploit Protection , they way you want (like disable EAF for firefox.exe or other apps) and then export it, take a look at:
&nbsp;
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml&nbsp;
&nbsp;
Then you may use number of ways like Group Policy, MEM ,... to deploy policy and manage it, take a look at:
&nbsp;
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection

rick_munck · Answer

tokikuch&nbsp;from a security baseline perspective we would not make this change to our baseline as it appears this is something your local IT department changed.&nbsp; The EP-reset.xml that we distribute resets the settings we originally had in EP.xml.&nbsp; If you look in it (EP.xml) we do not mess with EAF for the ones you mention.&nbsp;
&nbsp;
What&nbsp;Reza_Ameri-Archived&nbsp;mentions below is your best bet.

tokikuch · Answer

Rick_MunckOh, I see.&nbsp; It means a previous baseline had enabled EAF for those applications like Adobe.&nbsp; Thanks you for clarifying it!

Forum Discussion

Disable EAF for firefox.exe as a part of the security baseline

3 Replies

Resources