Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000456
Group -
SRG-APP-000514
Group -
Adobe Reader DC must enable FIPS mode.
Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The application must implement cryptographic modules adhering to the higher standards ...Rule Medium Severity -
Adobe Reader DC must enable Enhanced Security in a Browser.
PDFs have evolved from static pages to complex documents with features such as interactive forms, multimedia content, scripting, and other capabilities. These features leave PDFs vulnerable to mali...Rule Medium Severity -
Adobe Reader DC must enable Protected Mode.
A threat to users of Adobe Reader DC is opening a PDF file that contains malicious executable content. Protected mode provides a sandbox capability that prevents malicious PDF files from launching...Rule Medium Severity -
Adobe Reader DC must Block Websites.
Clicking any link to the Internet poses a potential security risk. Malicious websites can transfer harmful content or silently gather data. Acrobat Reader documents can connect to websites which ca...Rule Medium Severity -
Adobe Reader DC must disable the ability to change the Default Handler.
Allowing user to make changes to an application case cause a security risk. When the Default PDF Handler is disabled, the end users will not be able to change the default PDF viewer.Rule Low Severity -
Adobe Reader DC must disable the Adobe Send and Track plugin for Outlook.
When enabled, Adobe Send and Track button appears in Outlook. When an email is composed it enables the ability to send large files as public links through Outlook. The attached files can be uploade...Rule Low Severity -
Adobe Reader DC must disable access to Webmail.
When Webmail is disabled the user cannot configure a webmail account to send an open PDF document as an attachment. Users should have the ability to send documents as Microsoft Outlook attachments....Rule Medium Severity -
Adobe Reader DC must disable the ability to add Trusted Files and Folders.
Privileged Locations allow the user to selectively trust files, folders, and hosts to bypass some security restrictions, such as enhanced security and protected view. By default, the user can creat...Rule Medium Severity -
Adobe Reader DC must disable periodical uploading of European certificates.
By default, the user can update European certificates from an Adobe server through the GUI. When uploading European certificates is disabled, it prevents the automatic download and installation of...Rule Low Severity -
Adobe Reader DC must have the latest Security-related Software Updates installed.
Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (incl...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.