Check: ADBP-XI-001325
Adobe Acrobat Pro XI STIG:
ADBP-XI-001325
(in versions v1 r2 through v1 r1)
Title
Adobe Acrobat Pro XI privileged site locations must be disabled. (Cat III impact)
Discussion
Privileged Locations are the primary method Acrobat uses to allow users and admins to specify trusted content that should be exempt from security restrictions, such as when Enhanced Security is enabled. A Privileged Location may be a file, folder, or a host. If the user is allowed to set a Privileged Location, they could bypass security protections.
Check Content
Verify the following registry configuration: Using the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Adobe Acrobat\11.0\FeatureLockDown Value Name: bDisableTrustedSites Type: REG_DWORD Value: 1 If the value for bDisableTrustedSites is not set to “1” and Type is not configured to REG_DWORD or does not exist, this is a finding.
Fix Text
Configure the following registry value: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Adobe\Adobe Acrobat\11.0\FeatureLockDown Value Name: bDisableTrustedSites Type: REG_DWORD Value: 1
Additional Identifiers
Rule ID: SV-89981r1_rule
Vulnerability ID: V-75301
Group Title: SRG-APP-000380
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001813 |
The information system enforces access restrictions. |
Controls
Number | Title |
---|---|
CM-5 (1) |
Automated Access Enforcement / Auditing |