Detections
Analytics
AADC-CL-000275 - Adobe Acrobat Pro DC Classic PDF file attachments must be blocked.
Information
Acrobat Pro allows for files to be attached to PDF documents. Attachments represent a potential security risk because they can contain malicious content, open other dangerous files, or launch applications.This feature prevents users from opening or launching file types other than PDF or FDF and disables the menu option to re-enable.Solution
Configure the following registry value:Registry Hive:
HKEY_LOCAL_MACHINE
Registry Path:
\Software\Policies\Adobe\Adobe Acrobat\2015\FeatureLockDown
Value Name: iFileAttachmentPerms
Type: REG_DWORD
Value: 1
Configure the policy value for Computer Configuration > Administrative Templates > Adobe Acrobat Pro DC Classic > Preferences > Trust Manager > 'Allow opening of non-PDF file attachments with external applications' to 'Disabled'.
This policy setting requires the installation of the AcrobatProDCClassic custom templates included with the STIG package. 'AcrobatProDCClassic.admx' and 'AcrobatProDCClassic.adml' must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Pro_DC_Classic_V2R1_STIG.zip
Item Details
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-7a., CAT|II, CCI|CCI-000381, Rule-ID|SV-213095r557504_rule, STIG-ID|AADC-CL-000275, STIG-Legacy|SV-94819, STIG-Legacy|V-80115, Vuln-ID|V-213095
Plugin: Windows
Control ID: 87d4073f7fe256d71a484a86f7ba7eb497c451843785da6ef672f3651dd06312