Detections
Analytics

ARDC-CN-000020 - Adobe Reader DC must enable Protected View.

Information

A threat to users of Adobe Reader DC is opening a PDF file that contains malicious executable content.

Protected view restricts Adobe Reader DC functionality, within a sandbox, when a PDF is opened from an untrusted source.

This isolation of the PDFs reduces the risk of security breaches in areas outside the sandbox.

Satisfies: SRG-APP-000112, SRG-APP-000206, SRG-APP-000207, SRG-APP-000209, SRG-APP-000210

Solution

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: iProtectedView
Type: REG_DWORD
Value: 2

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Reader_DC_Continuous_V2R1_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(1), 800-53|SC-18(3), 800-53|SC-18(4), CAT|II, CCI|CCI-001166, CCI|CCI-001169, CCI|CCI-001170, CCI|CCI-001662, CCI|CCI-001695, Rule-ID|SV-213171r395811_rule, STIG-ID|ARDC-CN-000020, STIG-Legacy|SV-79415, STIG-Legacy|V-64925, Vuln-ID|V-213171

Plugin: Windows

Control ID: c1fd5f5368ee7c47f488359a378c48358e7906bca4f45317dd5f3d882506714b