V-213193
SV-213193r400876_rule
CAT II
Adobe Reader DC must enable FIPS mode.
From: Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide (V2R1)
Description
<VulnDiscussion>Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The application must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Verify the following registry configuration:
Note: The Key Names "bFIPSMode" is not created by default in the Adobe Reader DC install and must be created.
Utilizing the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral
Value Name: bFIPSMode
Type: REG_DWORD
Value: 1
If the value for bFIPSMode is not set to “1” and Type configured to REG_DWORD does not exist, then this is a finding.
Fix Text
Configure the following registry value:
Note: The Key Names "bFIPSMode" is not created by default in the Adobe Reader DC install and must be created.
Registry Hive: HKEY_CURRENT_USER
Registry Path: \Software\Adobe\Acrobat Reader\DC\AVGeneral
Value Name: bFIPSMode
Type: REG_DWORD
Value: 1
CCI Reference
CCI-002450- Created
- 2026-01-14 17:55:45
- Last Updated
- 2026-04-07 20:08:10