Details

A threat to users of Adobe Reader DC is opening a PDF file that contains malicious executable content.

Protected view restricts Adobe Reader DC functionality, within a sandbox, when a PDF is opened from an untrusted source.

This isolation of the PDFs reduces the risk of security breaches in areas outside the sandbox.

Satisfies: SRG-APP-000112, SRG-APP-000206, SRG-APP-000207, SRG-APP-000209, SRG-APP-000210

Solution

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: SoftwarePoliciesAdobeAcrobat Reader2015FeatureLockDown

Value Name: iProtectedView
Type: REG_DWORD
Value: 2

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Reader_DC_Classic_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

• 800-53|SC-18(1)
• 800-53|SC-18(3)
• 800-53|SC-18(4)
• CAT|II
• CCI|CCI-001166
• CCI|CCI-001169
• CCI|CCI-001170
• CCI|CCI-001662
• CCI|CCI-001695
• Rule-ID|SV-213144r557349_rule
• STIG-ID|ARDC-CL-000020
• STIG-Legacy|SV-80229
• STIG-Legacy|V-65739
• Vuln-ID|V-213144

Source

• Tenable.com/audits