ARDC-CL-000330 – Adobe Reader DC must disable periodical uploading of European certificates.

Details

By default, the user can update European certificates from an Adobe server through the GUI.

When uploading European certificates is disabled, it prevents the automatic download and installation of certificates and disables and locks the end user’s ability to upload those certificates.

Solution

Configure the following registry value:

Note: The Key Names ‘cDigSig’ and ‘cEUTLDownload’ are not created by default in the Adobe Reader DC install and must be created.

Registry Hive: HKEY_CURRENT_USER
Registry Path: SoftwareAdobeAcrobat Reader2015SecuritycDigSigcEUTLDownload

Value Name: bLoadSettingsFromURL
Type: REG_DWORD
Value: 0

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Reader_DC_Classic_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

800-53|SC-23(5)
CAT|III
CCI|CCI-002470
Rule-ID|SV-213163r557349_rule
STIG-ID|ARDC-CL-000330
STIG-Legacy|SV-80297
STIG-Legacy|V-65807
Vuln-ID|V-213163

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles