STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide

V-213176

CAT III (Low)

Adobe Reader DC must disable the ability to change the Default Handler.

Rule ID

SV-213176r395850_rule

STIG

Adobe Acrobat Reader DC Continuous Track Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-001499

Discussion

Allowing user to make changes to an application case cause a security risk. When the Default PDF Handler is disabled, the end users will not be able to change the default PDF viewer.

Check Content

Verify the following registry configuration:

Utilizing the Registry Editor, navigate to the following: HKEY_LOCAL_MACHINE\Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: bDisablePDFHandlerSwitching
Type: REG_DWORD
Value: 1

If the value for bDisablePDFHandlerSwitching is not set to “1” and Type configured to REG_DWORD or does not exist, then this is a finding.

Fix Text

Configure the following registry value:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Adobe\Acrobat Reader\DC\FeatureLockDown

Value Name: bDisablePDFHandlerSwitching
Type: REG_DWORD
Value: 1