Details

Because Internet access is a potential security risk, clicking any unknown website link to the Internet poses a potential security risk.

Malicious websites can transfer harmful content or silently gather data.

Satisfies: SRG-APP-000112, SRG-APP-000206, SRG-APP-000207, SRG-APP-000209, SRG-APP-000210

Solution

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: SoftwarePoliciesAdobeAcrobat Reader2015FeatureLockDowncDefaultLaunchURLPerms

Value Name: iUnknownURLPerms
Type: REG_DWORD
Value: 3

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Reader_DC_Classic_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

• 800-53|SC-18(1)
• 800-53|SC-18(3)
• 800-53|SC-18(4)
• CAT|II
• CCI|CCI-001166
• CCI|CCI-001169
• CCI|CCI-001170
• CCI|CCI-001662
• CCI|CCI-001695
• Rule-ID|SV-213146r557349_rule
• STIG-ID|ARDC-CL-000030
• STIG-Legacy|SV-80259
• STIG-Legacy|V-65769
• Vuln-ID|V-213146

Source

• Tenable.com/audits