| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-213121 | CAT III | MONT-WS-92010 | Adobe Acrobat Professional DC Continuous... | Adobe Acrobat Pro DC Continuous access to websites... | - | |||
Check TextVerify the following registry configuration: Utilizing the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown\cDefaultLaunchURLPerms\ Value Name: iURLPerms Type: REG_DWORD Value: 1 If the value for iURLPerms is not set to “1” and Type is not configured to REG_DWORD or does not exist, this is a finding. Setting the value for iURLPerms to "0" means that a custom settings has been selected. Custom setting allows for specific websites to be used for PDF workflows. These websites must be approved by the ISSO/AO otherwise the setting must be "1" which blocks access to all websites. If the iURLPerms setting is "0" and a documented risk acceptance approving the websites is provided, this is not a finding. GUI path: Edit > Preferences > Trust Manager > In the 'Internet Access from PDF Files outside the web browser' section > Select 'Change Settings' option > In the 'PDF Files may connect to web sites to share or get information' section > Verify the radio button 'Block PDF files access to all web sites' is selected and greyed out (locked). If 'Custom setting' is checked, a documented risk acceptance approved by the ISSO/AO approving the websites must be provided and then this is not a finding. Admin Template path: Computer Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > Trust Manager > 'Access to websites' must be set to 'Enabled' and 'Block PDF files access to all web sites' selected in the drop down box. If 'Custom setting' is selected, a documented risk acceptance approved by the ISSO/AO approving the websites must be provided and then this is not a finding. Fix TextConfigure the following registry value: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown\cDefaultLaunchURLPerms\ Value Name: iURLPerms Type: REG_DWORD Value: 1 The setting may be set to "0" if a documented risk acceptance approving the websites is approved by the ISSO/AO. Configure the policy value for Computer Configuration > Administrative Templates > Adobe Acrobat Pro DC Continuous > Preferences > Trust Manager > 'Access to websites' to 'Enabled' and select 'Block PDF files access to all web sites' in the drop down box. Select 'Custom setting' if needed and provide a documented risk acceptance approved by the ISSO/AO approving the websites. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-AdobeAcrobatProDCContinuous_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: B3A1D892AE7A8A88923A76E29B4760BE750F96A2 ~~~~~ 'Access to websites' is Enabled with Block PDF files access to all web sites Registry Path: HKLM:\Software\Policies\Adobe\Adobe Acrobat\DC\FeatureLockDown\cDefaultLaunchURLPerms\ Value Name: iURLPerms Value: 0x00000001 (1) Type: REG_DWORD
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_AdobeAcrobatProDCContinuous_V2R1_20251023-140757.ckl
Scan Date: 2026-01-14T12:57:27.516343
Technology Area: Windows Operating System
|
||||||||