STIGQter: STIG Summary: Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 26 Jul 2019:

Adobe Reader DC must enable Protected Mode.

DISA Rule

SV-79413r1_rule

Vulnerability Number

V-64923

Group Title

SRG-APP-000112

Rule Version

ARDC-CN-000015

Severity

CAT II

CCI(s)

CCI-001166 - The information system identifies organization-defined unacceptable mobile code.
CCI-001169 - The information system prevents the download of organization-defined unacceptable mobile code.
CCI-001170 - The information system prevents the automatic execution of mobile code in organization-defined software applications.
CCI-001662 - The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified.
CCI-001695 - The information system prevents the execution of organization-defined unacceptable mobile code.

Weight

Fix Recommendation

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: bProtectedMode
Type: REG_DWORD
Value: 1

Check Contents

Verify the following registry configuration:

Utilizing the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: bProtectedMode
Type: REG_DWORD
Value: 1

If the value for bProtectedMode is not set to “1” and Type configured to REG_DWORD or does not exist, then this is a finding.

Adobe Reader DC must enable Protected Mode.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments