Adobe Acrobat Reader DC Continuous Track STIG Ver 2, Rel 1 Checklist Details (Checklist Revisions)

SCAP 1.1 Content:

Supporting Resources:


Target CPE Name
Adobe Acrobat Reader cpe:/a:adobe:acrobat_reader:10.1.1 (View CVEs)

Checklist Highlights

Checklist Name:
Adobe Acrobat Reader DC Continuous Track STIG
Checklist ID:
Ver 2, Rel 1
Review Status:
Under Review
Governmental Authority: Defense Information Systems Agency
Original Publication Date:

Checklist Summary:

Adobe Acrobat Reader DC incorporates capabilities other than just a PDF reader. Adobe Acrobat Reader DC incorporates an interface to Adobe’s document cloud and Adobe’s online services. Adobe Acrobat Reader DC has two product tracks: Continuous and Classic. This STIG was written for the Continuous track. ? The Continuous track provides updates for new features, security and platform enhancements, and bug fixes when available in a silent update. ? The Classic track does not provide new features in the updates. Updates, security and platform enhancements, and bug fixes are only available on a quarterly basis. There are two ways to verify which Adobe Acrobat Reader DC product track is installed: ? The Continuous track is installed by default on C:\\Program Files (x86)\Adobe\Acrobat Reader DC or navigate to Programs and Features >> Adobe Acrobat Reader DC. ? With the Classic track, the user has the option to install on any directory: <Drive Letter>:\\Program Files (x86)\Adobe\Acrobat Reader 2015 or navigate to Programs and Features >> Adobe Acrobat Reader MUI. The Adobe Acrobat Reader DC Continuous Track STIG was written for the free version of Adobe Acrobat Reader DC and a default install. The Adobe Acrobat Reader DC Continuous Track STIG was also written for a Windows environment and published as a tool to improve the security of Department of Defense (DoD) information systems. This document is meant for use in conjunction with the Windows Operating System (OS) STIG and any appropriate STIG(s) applicable to the system.

Checklist Role:

  • Office Software

Known Issues:

Not Provided

Target Audience:

Developed for the DOD. This checklist has been created for IT professionals, particularly Windows system administrators and information security personnel. The document assumes that the reader has experience installing and administering applications on Windows-based systems in domain or standalone configurations.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not Provided

Regulatory Compliance:

DoDD 8500.1


Not Provided


It must be noted that the guidelines specified should be evaluated in a local, representative test environment before implementation within large user populations. The extensive variety of environments makes it impossible to test these guidelines for all potential software configurations. For some environments, failure to test before implementation may lead to a loss of required functionality.

Product Support:

Not Provided

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address: DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.


Not Provided


Not Provided

Change History:

moved to FINAL - 6/7/2016
added Benchmark - 07/18/2017


URL Description Adobe Acrobat Reader DC STIG Release Memo


Reference URL Description

NIST checklist record last modified on 07/18/2017

* This checklist is still undergoing review for inclusion into the NCP.