We have acrobat.exe wanting to launch in an elevated mode. It is hitting the ‘add basic admin’ rule in our low flex workstyle. We have a message attached to this that allow for admins to input their credentials. This works. The problem is that adobe seems to want to launch acrobat.exe elevated for updates. I don’t know that it’s a good idea to always launch adobe in an elevated mode so is there a better way to control this behavior? Any thoughts or ideas are greatly appreciated.
Page 1 / 1
Adobe does require Admin privileges when performing updates and we have a KB article that guides customer to create an application rule to allows that.
https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0017857
Adobe is one of those applications that are often exploited by malicious content. EPM does have offer an additional layer of protection against malware for trusted business applications using Trusted Application Protection. You can refer to the link below in our Admin guide for more information on TAP rules
this is great, thank you.
what if AdobeARMHelper.exe is not the application requesting elevation? in my case, it’s acrobat.exe:
File Path: c:\program files\adobe\acrobat dc\acrobat\acrobat.exe
Executable Path: c:\program files\adobe\acrobat dc\acrobat\acrobat.exe
Command Line: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe”
I’m hesitant to allow acrobat.exe in the same manner are AdobeARMHelper.exe.
Acrobat installer or updater does requires Admin token performing updates. You can also follow this KB article to handle them. As mentioned previously if you’ve concern on Adobe then you should use the TAP (Trusted Application Protection) workstyle to help you address that concern.
https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0017087
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.