U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Adobe Acrobat Reader DC Continuous Track STIG Ver 2, Rel 3 Checklist Details (Checklist Revisions)

SCAP 1.3 Content:

Supporting Resources:

Target:

Target CPE Name
Adobe Acrobat Reader cpe:/a:adobe:acrobat_reader:10.1.1 (View CVEs)

Checklist Highlights

Checklist Name:
Adobe Acrobat Reader DC Continuous Track STIG
Checklist ID:
666
Version:
Ver 2, Rel 3
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
04/22/2016

Checklist Summary:

Adobe Acrobat Reader DC incorporates capabilities other than just a PDF reader. Adobe Acrobat Reader DC incorporates an interface to Adobe’s document cloud and Adobe’s online services. Adobe Acrobat Reader DC has two product tracks: Continuous and Classic. This STIG was written for the Continuous track. ? The Continuous track provides updates for new features, security and platform enhancements, and bug fixes when available in a silent update. ? The Classic track does not provide new features in the updates. Updates, security and platform enhancements, and bug fixes are only available on a quarterly basis. There are two ways to verify which Adobe Acrobat Reader DC product track is installed: ? The Continuous track is installed by default on C:\\Program Files (x86)\Adobe\Acrobat Reader DC or navigate to Programs and Features >> Adobe Acrobat Reader DC. ? With the Classic track, the user has the option to install on any directory: <Drive Letter>:\\Program Files (x86)\Adobe\Acrobat Reader 2015 or navigate to Programs and Features >> Adobe Acrobat Reader MUI. The Adobe Acrobat Reader DC Continuous Track STIG was written for the free version of Adobe Acrobat Reader DC and a default install. The Adobe Acrobat Reader DC Continuous Track STIG was also written for a Windows environment and published as a tool to improve the security of Department of Defense (DoD) information systems. This document is meant for use in conjunction with the Windows Operating System (OS) STIG and any appropriate STIG(s) applicable to the system.

Checklist Role:

  • Office Software

Known Issues:

Not Provided

Target Audience:

Developed for the DOD. This checklist has been created for IT professionals, particularly Windows system administrators and information security personnel. The document assumes that the reader has experience installing and administering applications on Windows-based systems in domain or standalone configurations.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not Provided

Regulatory Compliance:

DoDD 8500.1

Comments/Warnings/Miscellaneous:

Not Provided

Disclaimer:

It must be noted that the guidelines specified should be evaluated in a local, representative test environment before implementation within large user populations. The extensive variety of environments makes it impossible to test these guidelines for all potential software configurations. For some environments, failure to test before implementation may lead to a loss of required functionality.

Product Support:

Not Provided

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address: [email protected]. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Sponsor:

Not Provided

Licensing:

Not Provided

Change History: 

moved to FINAL - 6/7/2016
added Benchmark - 07/18/2017
Updated URL to reflect change to the DISA website - http --> https
Moved to FINAL - 08/29/2017
resource title correction
updated to v1,r3 - 02/16/18
Updated to FINAL - 3/18/2018
updated to v1,r4 - 4/25/18
Updated to FINAL - 5/25/18
Updated to v1,r5  - 7/24/18
null
Updated to FINAL - 9/4/2018
Updated benchmark - 10/25/18
Updated to FINAL - 11/26/18
Updated URLs - 6/4/19
Updated URLs - 6/17/19
Updated URLs - 8/9/19
Added GPO file as per DISA - 8/5/2020
updated GPO file - 10/29/2020
Updated resources per DISA - 5/25/21
updated URLs - 7/28/2021
updated SCC tool per DISA - 9/16/2021
Updated GPO per DISA - 5/2/22
null
Updated GPO per DISA - 5/29/22
null
Updated SCC per DISA - 6/14/22
Updated GPO per DISA - 8/1/22
null
SCC - 10/13/22
Updated resource per DISA - 10/26/22
updated GPO file - 11/7/22
updated GPO file - 1/31/2023
updated URLs - 2/6/2023
updated SCC content - 3/9/2023
Updated GPO per DISA - 5/1/23
updated SCC content - 6/22/23
updated SHA - 7/27/23
Updated GPO per DISA - 7/31/23
Updated GPO per DISA - 8/21/23
Updated SCC per DISA - 9/21/23
Updated GPO per DISA - 11/2/23
Corrected SHA discrepancy - 11/3/2023
updated GPO package - 1/31/24
SHA - 2/7/24
Updated SCC Resources - 4/19/24
Updated Resources - 06/10/2024
Resource Updated - 08/27/2024
Updated SCC and GPO Resources - 12/09/24
Updated Checklist Version & Resources - 01/30/2025
Updated GPO Resource - 02/06/2025
Updated Resources URL - 03/21/2025
Updated Resource - 03/31/2025
Updated GPOs - 04/30/2025
Added Intune Policies - 05/08/2025

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 05/08/2025