Adobe Reader DC must enable Protected View.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-213171 | SRG-APP-000112 | ARDC-CN-000020 | SV-213171r395811_rule | 2021-06-22 | 2 |
Description
A threat to users of Adobe Reader DC is opening a PDF file that contains malicious executable content.
Protected view restricts Adobe Reader DC functionality, within a sandbox, when a PDF is opened from an untrusted source.
This isolation of the PDFs reduces the risk of security breaches in areas outside the sandbox.
Satisfies: SRG-APP-000112, SRG-APP-000206, SRG-APP-000207, SRG-APP-000209, SRG-APP-000210
ℹ️ Check
Verify the following registry configuration:
Utilizing the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown
Value Name: iProtectedView
Type: REG_DWORD
Value: 2
If the value for iProtectedView is not set to “2” and Type configured to REG_DWORD or does not exist, then this is a finding.
✔️ Fix
Configure the following registry value:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown
Value Name: iProtectedView
Type: REG_DWORD
Value: 2