Skip to main content
Solved

Elevate Acrobat.exe

  • May 22, 2025
  • 3 replies
  • 250 views
M
Forum|alt.badge.img+1

We have acrobat.exe wanting to launch in an elevated mode.  It is hitting the ‘add basic admin’ rule in our low flex workstyle.  We have a message attached to this that allow for admins to input their credentials.  This works.  The problem is that adobe seems to want to launch acrobat.exe elevated for updates.  I don’t know that it’s a good idea to always launch adobe in an elevated mode so is there a better way to control this behavior?  Any thoughts or ideas are greatly appreciated.

Best answer by Howard

Adobe does require Admin privileges when performing updates and we have a KB article that guides customer to create an application rule to allows that.

https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0017857

Adobe is one of those applications that are often exploited by malicious content. EPM does have offer an additional layer of protection against malware for trusted business applications using Trusted Application Protection. You can refer to the link below in our Admin guide for more information on TAP rules 

Workstyles

    Pulitros144

    3 replies

    H
    BeyondTrust Employee
    • Howard
    • BeyondTrust Employee
    • Answer
    • May 23, 2025

    Adobe does require Admin privileges when performing updates and we have a KB article that guides customer to create an application rule to allows that.

    https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0017857

    Adobe is one of those applications that are often exploited by malicious content. EPM does have offer an additional layer of protection against malware for trusted business applications using Trusted Application Protection. You can refer to the link below in our Admin guide for more information on TAP rules 

    Workstyles

    jacek.krecisz
    M
    Forum|alt.badge.img+1
    • mlajoie
    • Author
    • Trailblazer
    • May 23, 2025

    this is great, thank you.

     

    what if AdobeARMHelper.exe is not the application requesting elevation?  in my case, it’s acrobat.exe:

    File Path:  c:\program files\adobe\acrobat dc\acrobat\acrobat.exe
    Executable Path:  c:\program files\adobe\acrobat dc\acrobat\acrobat.exe
    Command Line:  "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe”

     

    I’m hesitant to allow acrobat.exe in the same manner are AdobeARMHelper.exe.  

    H
    BeyondTrust Employee
    • Howard
    • BeyondTrust Employee
    • May 24, 2025

    Acrobat installer or updater does requires Admin token performing updates. You can also follow this KB article to handle them. As mentioned previously if you’ve concern on Adobe then you should use the TAP (Trusted Application Protection) workstyle to help you address that concern.

    https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0017087 

    M

    Badge Earners

    • 5 Courses Completed - Password Safe
      AdamMhas earned the badge 5 Courses Completed - Password Safe
    • BCIE: Endpoint Privilege Management - Windows
      vnigamhas earned the badge BCIE: Endpoint Privilege Management - Windows
    • BCIE: Password Safe
      vnigamhas earned the badge BCIE: Password Safe
    • BCIE: Endpoint Privilege Management - Windows
      NikhilRhas earned the badge BCIE: Endpoint Privilege Management - Windows
    • BCIE: Password Safe
      NikhilRhas earned the badge BCIE: Password Safe
    Show all badges
    Terms & ConditionsCookie settingsAccessibility statement