Details

Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The application must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.

Satisfies: SRG-APP-000416, SRG-APP-000514

Solution

Verify the following registry configuration:

Note: The Key Name bFIPSMode is not created by default in the Acrobat Pro XI install and must be created.

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: SoftwarePoliciesAdobeAdobe Acrobat11.0AVGeneral

Value Name: bFIPSMode
Type: REG_DWORD
Value: 1

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_Adobe_Acrobat_Pro_XI_V1R2_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

• 800-53|SC-13
• CAT|II
• CCI|CCI-002450
• Rule-ID|SV-89959r1_rule
• STIG-ID|ADBP-XI-000955
• Vuln-ID|V-75279

Source

• Tenable.com/audits