Details

Failure to install the most current Adobe Acrobat Pro version leaves a system vulnerable to exploitation. Current versions correct known security and system vulnerabilities. If the Adobe Acrobat Pro installation is not at the most current version and patch level, this is a Category 1 finding since new vulnerabilities will not be patched.

Adobe Acrobat Pro XI is End of Life. Reference the following URL:

http://www.adobe.com/support/products/enterprise/eol/

Click on ‘Adobe enterprise products and technical support periods’.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Upgrade to latest version of Adobe Acrobat or uninstall software.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_Adobe_Acrobat_Pro_XI_V1R2_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.

References

• 800-53|SI-2c.
• CAT|I
• CCI|CCI-002605
• Rule-ID|SV-93763r1_rule
• STIG-ID|ADBP-XI-005000
• Vuln-ID|V-79057

Source

• Tenable.com/audits