National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Adobe Acrobat Reader DC Continuous Track STIG Ver 1, Rel 5 Checklist Details (Checklist Revisions)

Checklist Highlights

Checklist Name:
Adobe Acrobat Reader DC Continuous Track STIG
Checklist ID:
666
Version:
Ver 1, Rel 5
Type:
Compliance
Review Status:
Under Review
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
04/22/2016
Checklist Group:
View

Checklist Summary:

Adobe Acrobat Reader DC incorporates capabilities other than just a PDF reader. Adobe Acrobat Reader DC incorporates an interface to Adobe’s document cloud and Adobe’s online services. Adobe Acrobat Reader DC has two product tracks: Continuous and Classic. This STIG was written for the Continuous track. ? The Continuous track provides updates for new features, security and platform enhancements, and bug fixes when available in a silent update. ? The Classic track does not provide new features in the updates. Updates, security and platform enhancements, and bug fixes are only available on a quarterly basis. There are two ways to verify which Adobe Acrobat Reader DC product track is installed: ? The Continuous track is installed by default on C:\\Program Files (x86)\Adobe\Acrobat Reader DC or navigate to Programs and Features >> Adobe Acrobat Reader DC. ? With the Classic track, the user has the option to install on any directory: :\\Program Files (x86)\Adobe\Acrobat Reader 2015 or navigate to Programs and Features >> Adobe Acrobat Reader MUI. The Adobe Acrobat Reader DC Continuous Track STIG was written for the free version of Adobe Acrobat Reader DC and a default install. The Adobe Acrobat Reader DC Continuous Track STIG was also written for a Windows environment and published as a tool to improve the security of Department of Defense (DoD) information systems. This document is meant for use in conjunction with the Windows Operating System (OS) STIG and any appropriate STIG(s) applicable to the system.

Checklist Role:

  • Office Software

Known Issues:

Not Provided

Target Audience:

Developed for the DOD. This checklist has been created for IT professionals, particularly Windows system administrators and information security personnel. The document assumes that the reader has experience installing and administering applications on Windows-based systems in domain or standalone configurations.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not Provided

Regulatory Compliance:

DoDD 8500.1

Comments/Warnings/Miscellaneous:

Not Provided

Disclaimer:

It must be noted that the guidelines specified should be evaluated in a local, representative test environment before implementation within large user populations. The extensive variety of environments makes it impossible to test these guidelines for all potential software configurations. For some environments, failure to test before implementation may lead to a loss of required functionality.

Product Support:

Not Provided

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Sponsor:

Not Provided

Licensing:

Not Provided

Change History:

moved to FINAL - 6/7/2016
added Benchmark - 07/18/2017
Updated URL to reflect change to the DISA website - http --> https
Moved to FINAL - 08/29/2017
resource title correction
updated to v1,r3 - 02/16/18
Updated to FINAL - 3/18/2018
updated to v1,r4 - 4/25/18
Updated to FINAL - 5/25/18
Updated to v1,r5  - 7/24/18
null

Dependency/Requirements:

URL Description
https://iasecontent.disa.mil/stigs/pdf/U_Adobe_Acrobat_Reader_DC_STIG_V1_Release_Memo.pdf Adobe Acrobat Reader DC STIG Release Memo

References:

Reference URL Description

NIST checklist record last modified on 08/02/2018


* This checklist is still undergoing review for inclusion into the NCP.