Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Adobe Acrobat Pro XI certified document trust must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-75297 | ADBP-XI-001335 | SV-89977r1_rule | Medium |
| Description |
|---|
| Certified document trust elevates signed PDF files to a privileged location and bypasses privileged view security protections. Disabling certified documents disables and locks the end user's ability to elevate certified documents as a privileged location. |
| STIG | Date |
|---|---|
| Adobe Acrobat Pro XI Security Technical Implementation Guide | 2018-01-03 |
Details
| Check Text ( C-75081r1_chk ) |
|---|
| Verify the following registry configuration: Using the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Adobe Acrobat\11.0\FeatureLockDown Value Name: bEnableCertificateBasedTrust Type: REG_DWORD Value: 0 If the value for bEnableCertificateBasedTrust is not set to “0” and Type is not configured to REG_DWORD or does not exist, this is a finding. |
| Fix Text (F-81913r2_fix) |
|---|
| Configure the following registry value: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Adobe\Adobe Acrobat\11.0\FeatureLockDown Value Name: bEnableCertificateBasedTrust Type: REG_DWORD Value: 0 |