Adobe Reader DC must enable FIPS mode.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-213193	SRG-APP-000514	ARDC-CN-000345	SV-213193r400876_rule	2021-06-22	2

Description
Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. The application must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.

ℹ️ Check
Verify the following registry configuration: Note: The Key Names "bFIPSMode" is not created by default in the Adobe Reader DC install and must be created. Utilizing the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 If the value for bFIPSMode is not set to “1” and Type configured to REG_DWORD does not exist, then this is a finding.

ℹ️ Check

Verify the following registry configuration: Note: The Key Names "bFIPSMode" is not created by default in the Adobe Reader DC install and must be created. Utilizing the Registry Editor, navigate to the following: HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1 If the value for bFIPSMode is not set to “1” and Type configured to REG_DWORD does not exist, then this is a finding.

✔️ Fix
Configure the following registry value: Note: The Key Names "bFIPSMode" is not created by default in the Adobe Reader DC install and must be created. Registry Hive: HKEY_CURRENT_USER Registry Path: \Software\Adobe\Acrobat Reader\DC\AVGeneral Value Name: bFIPSMode Type: REG_DWORD Value: 1