Detections
Analytics

ARDC-CL-000020 - Adobe Reader DC must enable Protected View.

Information

A threat to users of Adobe Reader DC is opening a PDF file that contains malicious executable content.

Protected view restricts Adobe Reader DC functionality, within a sandbox, when a PDF is opened from an untrusted source.

This isolation of the PDFs reduces the risk of security breaches in areas outside the sandbox.

Satisfies: SRG-APP-000112, SRG-APP-000206, SRG-APP-000207, SRG-APP-000209, SRG-APP-000210

Solution

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Adobe\Acrobat Reader\2015\FeatureLockDown

Value Name: iProtectedView
Type: REG_DWORD
Value: 2

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Reader_DC_Classic_V2R1_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(1), 800-53|SC-18(3), 800-53|SC-18(4), CAT|II, CCI|CCI-001166, CCI|CCI-001169, CCI|CCI-001170, CCI|CCI-001662, CCI|CCI-001695, Rule-ID|SV-213144r557349_rule, STIG-ID|ARDC-CL-000020, STIG-Legacy|SV-80229, STIG-Legacy|V-65739, Vuln-ID|V-213144

Plugin: Windows

Control ID: 603aaba558df408588800681f96cace2a042977bd79737dc2958bcfd72812fa2