Firefox for Enterprise Community Forum

Hi all,

For quite a while I'm working together with others on a voluntary base (nobody gets money) as members of a computer-club, a charitable NGO and NPO (in German: gemeinnütziger Verein) for seniors in order to bring them closer to the use of digital devices and media. It's not only teaching, but administrating the hard- and software as well.

I can remember that it was possible in former versions of Firefox to include at least a script into "defaults->prefs". I think it was user.js (not sure) in the installation folder to define common preferences to be fixed, like proxi settings. It always worked well, preventing non-privileged users from making any unwanted changes. As a I found out there must have been a very similar way to include add-ons (like uBlock Origin).

Unfortunately all content I found was older than about 10 years. When trying setting up Firefox as it is now, my test system didn't care about anything I've tried.

I'm talking about > 50 Windows-PC having in average 3 user profiles each (for teaching more than 400 members). We are amateurs regarding PC administration, except some network ex-professionals. "Baking" installation media including our needs, as I already found on Mozilla's pages, seems to be beyond our abilities as well as distributing a fitting profile (we don't have a MS-server), not speaking about Group Policies.

Is there any usable guideline for people like us? Today, each FF-installation looks different and I would like to unify this as easy as possible.

Greetings!

I am using the firefox enterprise version and I have noticed an issue that the browser does not capture mouse events when the pointer is at rightmost edge of the firefox window. For example, on this website near the edge the pointer would initially focus on the scroll bar and then lose focus at the edge (see attached images).

This issue does not persist on x11, and only seems to exist on wayland. It also exists on other flavours of firefox on wayland.

If more information is required, feel free to send me a ping.

Hi,

I am having the issues on more than 1 pc that after updating the firefox esr 128 version to 140 esr version, the firefox does not work properly, specially with xWiki. when i click on xwiki (on-premis server), i can read the contents and all. but when i click edit then it shows the blank page. this is very odd as it happens after updating to 140 version. picture is attached.

Thanks Sheras

How do I lock the Microsoft Purview settings in the attached image using intune, so users cannot change them.

I have been able to make it that they cant disable or remove the extension but cannot figure out how to make it that they cant change the settings. I did try making a json file but it does not seem like Firefox uses it.

We are allowing end user to scan 2D matrix barcode using a wedge scanner in our application. We are facing a problem where different elements of the bar code are not getting split into the application. On investigating this further, we found that Firefox browser not recognising the FNC character(input character 29) coming from input stream (barcode scanner in this case).

I've been struggling for months to standardize a deployment of Firefox ESR across various client environments that reliably auto-updates and doesn't cause UAC prompts and XULRunner profile error pop-ups(I work in IT).

We deploy Firefox ESR in bulk on machines via a batch script which runs as SYSTEM, with msiexec /i and /qn flags.

Firefox installs fine, but then users are typically met with a UAC prompt when they first try to run Firefox. If they decline, then the UAC prompt comes back again next time and often fails to update at all, so the machine is left on an older, vulnerable version.

Regarding the environment: we have deployed the Firefox ESR admx templates and enabled the relevant auto update settings in Group Policy. But only some machines seem to stay up to date, and it seems like this only happens if a user with local administrative privileges has run the program at least once.

What I find unusual is that Firefox seems to attempt to make a "Background Updater" scheduled task for every user that runs the software on each PC, but these users do not have administrative privileges, and the scheduled task is set to only run when that user is logged in. Obviously a scheduled task running as a user with limited privileges isn't going to be able to update files in the Mozilla/Firefox subdirectory in "Program Files" as by default that's read-only access for non-admin users. And, obviously, if a user with local admin privileges DOES log into the machine, then it can update once, but then the scheduled task that it creates for that user (now with admin privileges) will only run when that user logs in - and we don't login as "admin"-privileged users day-to-day.

So, various machines are out of date, running vulnerable Firefox 128 instead of 140 or 142 even though they're all deployed from the same image and have the same policies and restrictions, and ran the same installer for Firefox.

Is there some reason why the auto update scheduled task isn't created at installation time, when administrative privileges have been granted? It's very odd that it doesn't, because then every time a user logs into a machine it seems like Firefox ESR creates the background upgrade task under a non-admin user which simply won't work. I see machines having 4 or 5 background upgrade scheduled tasks, all created by Firefox ESR, and yet the software still won't update - there's a UAC prompt every time the program launches, and going to Help -> About shows "Restart Firefox to update..." but then when clicking the button to restart Firefox, we get the UAC prompt, user doesn't have privileges, so this goes around and around in circles.

Is there a reliable way to keep Firefox up to date without manually logging into each machine and going through the UAC prompts? Can we manually create a scheduled task with the correct user account that has privileges to actually upgrade Firefox?

The background auto update mechanism simply doesn't make sense to our team on a machine-wide install.

I've been tasked with removing Firefox from all Windows workstations in our enterprise environment. Our users don't have local admin, so when they install Firefox, it is installed in the user's profile.

I've just installed Firefox 143.0.1 in my own user profile for testing purposes. However, when I attempt to uninstall, either from Control Panel or by running %localappdata%\Mozilla Firefox\uninstall\helper.exe manually, UAC prompts for elevation, even though I installed without elevating.

I've dug in a bit more, and I found this was an issue five years ago as well:

https://support.mozilla.org/en-US/questions/1286070

According to that post, the issue was resolved, but it seems to have come back.

Any help would be appreciated.

I am working on a stig for Mozilla Firefox and I'm trying to do a scap compliance scan but or some reason I am getting a score of zero on all systems. We do patch regularly and at some point one of the version upgrades caused our compliance scans stopped working. I need a fix and cannot find anything when searching for this issue.

I have a few questions regarding the auto-update policy of extensions installed via ExtensionSettings with the force_installed installation mode.

1. Can the extension receive auto-updates just like extensions installed through normal means? (e.g. extensions installed from https://addons.mozilla.org)
2. If so, will the user be notified when the extension requests new permissions?

I would like to know how the Firefox CVEs are affected on its version which are mentioned in NVD.

Let take mfsa2025-59, for example CVE-2025-8040, as per the NVD its says Firefox ESR < 140.1 is affected so does that mean it affect all the version which are lower than 140.1 which included the ESR 128 and ESR 115 versions or just the ESR 140 version series? then it raise on more question check this cve-2025-8029 in NVD it has specifically mentioned it only affect "Firefox ESR < 128.13, Firefox ESR < 140.1" and not the ESR 115 versions. Could anyone confirm it does not affect the ESR 115 versions or it affect all the versions? Now check this one cve-2025-8027, NVD clearly mentioned "Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1" are affected so what I understand is that if the Firefox ESR 115 is vulnerable to any CVE it would be mentioned in the NVD specifically.

My point is that if any Firefox CVEs are listed in NVD and it specify only one version like “Firefox ESR < 140.1” what does that mean? Does it affect all the versions which include ESR 128 and ESR 115 or just the ESR 140 series version only affected? If any CVEs are affected on the ESR 115 and ESR 128 does Mozilla specifically mentioned those versions are affected right? Just like its mentioned in the cve-2025-8027

Any help would be appreciated to clarify this.

I've been tasked with removing Firefox from all Windows workstations in our enterprise environment. Our users don't have local admin, so when they install Firefox, it is installed in the user's profile.

I've just installed Firefox 143.0.1 in my own user profile for testing purposes. However, when I attempt to uninstall, either from Control Panel or by running %localappdata%\Mozilla Firefox\uninstall\helper.exe manually, UAC prompts for elevation, even though I installed without elevating.

Is this a known issue? If yes, is there a workaround?

Thanks!

We recently update Firefox with version 138.0 and now getting the message "Gah. Your tab just crashed" when opening the browser.

We attempted to update and install version 138.0.1 only resulting with the same error. We also found and attempted the following all resulting with the same error: - change the about:config page for settings to false for both browser.tabs.remote.autostart and browser.tabs.remote.autostart.2

- clear browser cache.

- enable Temporary Mode in the Help menu. This appears to fix the problem but only for the current browser session. When a new Firefox window is opened, the error reappears.

What is needed to resolve this error or is there a way to permanently enable Temporary Mode or some similar setting? Thanks for all your help with this.

Hello, Mozilla community.

I am trying to configure a Firefox ESR installation so that every new user on a computer automatically receives a visual customization (a logo change on about:home) through userChrome.css and userContent.css files.

My goal is to do this without using Group Policy (GPO) or logon scripts, by only modifying the files in the Firefox installation folder.

Environment:

Firefox Version: Firefox ESR 140.3.0esr

Operating System: Windows 11 Pro

Context: Standalone machine, managed without Active Directory.

My Question:

Is this method of deploying a default profile via installation files (defaults/profile or distribution.ini) still supported in recent versions of Firefox ESR?

Is there an additional step or configuration I am missing for Firefox to recognize and use the bundled profile when creating a user's first profile?

Is there any policy in policies.json that could be interfering or that is required to enable this behavior?

Thank you very much for your help and your time.

Hello,

For enterprise solutions, for our browser extension can we disable the switch button where user can turn-off the "Access your data for all websites"?

This can be informed to the end user and also approved by the IT admins.

But the option to disable at runtime on the fly needs to be disabled.

Dear Sir or Madam,

We are experiencing an issue with various users on our terminal servers whereby websites open very slowly when using Firefox. When I access the website using Edge from the same user session, everything works very quickly. We have already tried creating a new profile in Firefox and clearing the cache, but without success. Could you please help us?

The operating system used is Windows Server 2022.

Current version of Firefox has

    (1) popups to get me to download a new version,
    (2) tab pickup,
    (3) popups to show
    article titles,
    (4) popups to show
    current URLs.

I just want to download the install programs until I get the most recent one that has none of (1) - (4).

I need to go back 1, 3, 5, 10 years?

So where on the Internet should I go to get such an old Firefox install program?

I used to really like Firefox, but changes (1) -- (2) have ruined it for me.

I have recently needed to update my motherboard, and the workshop put my C: and D: drives into an old second-hand motherboard they had. I have now checked Firefox - which was on my C: drive, and it works with all my old bookmarks. However I seem to now be part of an 'Enterprise', which I do not want. How do I get rid of my involvement with an Enterprise within Firefox? Thanks for your help. Kanga85

Recently we've began installing Firefox 140.2.0esr to our environment via the .msi file that Mozilla provides, however we're running in to a very odd incident.

After approximately 24 hours from installing Firefox esr to devices, it appears that the application is "updating" to 141.0.3 on the "release" channel. As far as I'm aware, this shouldn't be possible to begin with. But we've applied these settings via GPO:

Computer Config > Policies > Admin Templates > Mozilla > Firefox Application Autoupdate = Disabled Pin updates to a specific version = Enabled = Set to 140.2.0 Background updater = Disabled Disable Update = Enabled Manual Update Only = Enabled

After applying the GPO, confirmed this appears within the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\ AppAutoUpdate = 0 AppUpdatePin = 140.2.0 BackgroundAppUpdate = 0 DisableAppUpdate = 1 ManualAppUpdateOnly = 1

At this point, I'm at a loss. We cannot have rapid release be what's installed in our environment. Is there something broken with 140.2.0 or are we doing something wrong here?