Adobe Reader DC must enable FIPS mode.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-213193 | ARDC-CN-000345 | SV-213193r400876_rule | Medium |
| Description |
|---|
| Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The application must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. |
| STIG | Date |
|---|---|
| Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide | 2021-06-22 |
Details
| Check Text ( C-14428r276797_chk ) |
|---|
| Verify the following registry configuration: Note: The Key Names "bFIPSMode" is not created by default in the Adobe Reader DC install and must be created. Utilizing the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 If the value for bFIPSMode is not set to “1” and Type configured to REG_DWORD does not exist, then this is a finding. |
| Fix Text (F-14426r276798_fix) |
|---|
| Configure the following registry value: Note: The Key Names "bFIPSMode" is not created by default in the Adobe Reader DC install and must be created. Registry Hive: HKEY_CURRENT_USER Registry Path: \Software\Adobe\Acrobat Reader\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 |