Details

Both SharePoint and Office365 configurations are shared in one setting. Disabling this setting removes the user’s ability to use both SharePoint and Office365 cloud features and functions. If the user is allowed to store files on public cloud services, there is a risk of data compromise.

Solution

Configure the following registry value:

Note: The Key Name ‘cSharePoint’ is not created by default in the Acrobat Pro DC install and must be created.

Registry Hive:
HKEY_LOCAL_MACHINE
Registry Path:
SoftwarePoliciesAdobeAdobe AcrobatDCFeatureLockDowncSharePoint

Value Name: bDisableSharePointFeatures
Type: REG_DWORD
Value: 1

Configure the policy value for Computer Configuration > Administrative Template > Adobe Acrobat Pro DC Classic > Preferences > ‘SharePoint and Office 365 access’ to ‘Disabled’.

This policy setting requires the installation of the AcrobatProDCClassic custom templates included with the STIG package. ‘AcrobatProDCClassic.admx’ and ‘AcrobatProDCClassic.adml’ must be copied to the WindowsPolicyDefinitions and WindowsPolicyDefinitionsen-US directories respectively.

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Pro_DC_Classic_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-7a.
• CAT|III
• CCI|CCI-000381
• Rule-ID|SV-213113r557504_rule
• STIG-ID|AADC-CL-001315
• STIG-Legacy|SV-94855
• STIG-Legacy|V-80151
• Vuln-ID|V-213113

Source

• Tenable.com/audits