STIGQter STIGQter: STIG Summary: Adobe Acrobat Reader DC Classic Track Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Jul 2019: Adobe Reader DC must Block Websites.

DISA Rule

SV-80257r2_rule

Vulnerability Number

V-65767

Group Title

SRG-APP-000112

Rule Version

ARDC-CL-000025

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path:
\Software\Policies\Adobe\Acrobat Reader\2015\FeatureLockDown\cDefaultLaunchURLPerms

Value Name: iURLPerms
Type: REG_DWORD
Value: 1

If configuring the system to allow access to websites, obtain documented ISSO approvals and risk acceptance and set “iURLPerms” to “0”.

Check Contents

Verify the following registry configuration:

Utilizing the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\2015\FeatureLockDown\cDefaultLaunchURLPerms

Value Name: iURLPerms

Type: REG_DWORD

Value: 1

Value: 0 – only with a documented ISSO risk acceptance

If the value for iURLPerms is set to “0” and a documented ISSO risk acceptance approving access to the websites is provided, this is not a finding.

If the value for “iURLPerms” is not set to “1” and “Type” configured to “REG_DWORD” or does not exist, this is a finding.

Vulnerability Number

V-65767

Documentable

False

Rule Version

ARDC-CL-000025

Severity Override Guidance

Verify the following registry configuration:

Utilizing the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\2015\FeatureLockDown\cDefaultLaunchURLPerms

Value Name: iURLPerms

Type: REG_DWORD

Value: 1

Value: 0 – only with a documented ISSO risk acceptance

If the value for iURLPerms is set to “0” and a documented ISSO risk acceptance approving access to the websites is provided, this is not a finding.

If the value for “iURLPerms” is not set to “1” and “Type” configured to “REG_DWORD” or does not exist, this is a finding.

Check Content Reference

M

Target Key

3015

Comments