STIGQter STIGQter: STIG Summary: Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide Version: 1 Release: 6 Benchmark Date: 26 Jul 2019: Adobe Reader DC must disable periodical uploading of Adobe certificates.

DISA Rule

SV-80165r1_rule

Vulnerability Number

V-65675

Group Title

SRG-APP-000427

Rule Version

ARDC-CN-000335

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the following registry value:

Note: The Key Names "cDigSig" and "cAdobeDownload" are not created by default in the Adobe Reader DC install and must be created.

Registry Hive: HKEY_CURRENT_USER
Registry Path: \Software\Adobe\Acrobat Reader\DC\Security\cDigSig\cAdobeDownload

Value Name: bLoadSettingsFromURL
Type: REG_DWORD
Value: 0

Check Contents

Verify the following registry configuration:

Note: The Key Names "cDigSig" and "cAdobeDownload" are not created by default in the Adobe Reader DC install and must be created.

Utilizing the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\Security\cDigSig\cAdobeDownload

Value Name: bLoadSettingsFromURL
Type: REG_DWORD
Value: 0

If the value for bLoadSettingsFromURL is not set to “0” and Type configured to REG_DWORD or does not exist, then this is a finding.

Vulnerability Number

V-65675

Documentable

False

Rule Version

ARDC-CN-000335

Severity Override Guidance

Verify the following registry configuration:

Note: The Key Names "cDigSig" and "cAdobeDownload" are not created by default in the Adobe Reader DC install and must be created.

Utilizing the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\Security\cDigSig\cAdobeDownload

Value Name: bLoadSettingsFromURL
Type: REG_DWORD
Value: 0

If the value for bLoadSettingsFromURL is not set to “0” and Type configured to REG_DWORD or does not exist, then this is a finding.

Check Content Reference

M

Target Key

2897

Comments