Check: ADBP-XI-001300
Adobe Acrobat Pro XI STIG:
ADBP-XI-001300
(in versions v1 r2 through v1 r1)
Title
Adobe Acrobat Pro XI third-party web connectors must be disabled. (Cat III impact)
Discussion
Third-party connectors include services such as Dropbox and Google Drive. When third-party web connectors are disabled, it prevents access to third-party services for file storage. Allowing access to online storage services introduces the risk of data loss or data exfiltration.
Check Content
Verify the following registry configuration: Note: The Key Name "cServices" is not created by default in the Acrobat Pro XI install and must be created. Using the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Adobe Acrobat\11.0\FeatureLockDown\cServices Value Name: bToggleWebConnectors Type: REG_DWORD Value: 1 If the value for bToggleWebConnectors is not set to “1” and Type is not configured to REG_DWORD or does not exist, this is a finding.
Fix Text
Configure the following registry value: Note: The Key Name "cServices" is not created by default in the Acrobat Pro XI install and must be created. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Adobe\Adobe Acrobat\11.0\FeatureLockDown\cServices Value Name: bToggleWebConnectors Type: REG_DWORD Value: 1
Additional Identifiers
Rule ID: SV-89991r1_rule
Vulnerability ID: V-75311
Group Title: SRG-APP-000141
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |