Check: ARDC-CN-000100
Adobe Acrobat Reader DC Continuous Track STIG:
ARDC-CN-000100
(in versions v2 r1 through v1 r2)
Title
Adobe Reader DC must disable Online SharePoint Access. (Cat II impact)
Discussion
Disabling SharePoint disables or removes the user’s ability to add a SharePoint account access controls the application's ability to detect that a file came from a SharePoint server, and disables the check-out prompt.
Check Content
Verify the following registry configuration: If configured to an approved DoD SharePoint Server, this is NA. Note: The Key Name "cSharePoint" is not created by default in the Adobe Reader DC install and must be created. Utilizing the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown\cSharePoint Value Name: bDisableSharePointFeatures Type: REG_DWORD Value: 1 If the value for bDisableSharePointFeatures is not set to “1” and Type configured to REG_DWORD or does not exist, then this is a finding.
Fix Text
Configure the following registry value: Note: The Key Name "cSharePoint" is not created by default in the Adobe Reader DC install and must be created. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown\cSharePoint Value Name: bDisableSharePointFeatures Type: REG_DWORD Value: 1
Additional Identifiers
Rule ID: SV-213185r395853_rule
Vulnerability ID: V-213185
Group Title: SRG-APP-000141
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |