STIGQter: STIG Summary: Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 26 Jul 2019:

Adobe Reader DC must disable Acrobat Upsell.

DISA Rule

SV-80539r1_rule

Vulnerability Number

V-66049

Group Title

SRG-APP-000141

Rule Version

ARDC-CN-000080

Severity

CAT III

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE

Registry Path: \Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: bAcroSuppressUpsell
Type: REG_DWORD
Value: 1

Check Contents

Verify the following registry configuration:

Utilizing the Registry Editor, navigate to the following:

HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: bAcroSuppressUpsell
Type: REG_DWORD
Value: 1

If the value for bAcroSuppressUpsell is not set to “1” and Type configured to REG_DWORD or does not exist, then this is a finding.

Vulnerability Number

V-66049

Documentable

False

Rule Version

ARDC-CN-000080

Severity Override Guidance

Verify the following registry configuration:

Utilizing the Registry Editor, navigate to the following:

HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: bAcroSuppressUpsell
Type: REG_DWORD
Value: 1

If the value for bAcroSuppressUpsell is not set to “1” and Type configured to REG_DWORD or does not exist, then this is a finding.

Check Content Reference

M

Target Key

2897

Comments