Details

By default, Adobe online services are tightly integrated in Adobe Reader DC. With the integration of Adobe Document Cloud, disabling this feature prevents the risk of additional attack vectors.

Within Adobe Reader DC, the Adobe Cloud resources require a paid subscription for each service.

Solution

Configure the following registry value:

Note: The Key Name ‘cServices’ is not created by default in the Adobe Reader DC install and must be created.

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: SoftwarePoliciesAdobeAcrobat Reader2015FeatureLockDowncServices

Value Name: bToggleAdobeDocumentServices
Type: REG_DWORD
Value: 1

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Adobe_Acrobat_Reader_DC_Classic_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-7a.
• CAT|II
• CCI|CCI-000381
• Rule-ID|SV-213151r557349_rule
• STIG-ID|ARDC-CL-000060
• STIG-Legacy|SV-80271
• STIG-Legacy|V-65781
• Vuln-ID|V-213151

Source

• Tenable.com/audits