Protected Mode Whitelist Policy Not Working Fully

Report · Mar 01, 2021

My team is trying to bypass Protected Mode in Reader DC for a single application using a policy file and being met with failure. The policy file is working and Protected Mode is dropping a log file that is listing what is blocked with recommendations on what to allow through for each blocked entry.

My policy:

FILES_ALLOW_ANY = %ProgramFiles(x86)%\Create!form*
FILES_ALLOW_ANY = C:\BottomLine Technologies, Inc*
FILES_ALLOW_ANY = SERVERNAME\Create!form
FILES_ALLOW_ANY = CfOWMergeTemp
PROCESS_ALL_EXEC = %ProgramFiles(x86)%\Create!form*
SECTION_ALLOW_ANY = *CfOWMerge.dll
REG_ALLOW_ANY = *CurrentControlSet\Control\Print\Printers*

Everything else but SECTION_ALLOW_ANY works perfectly fine to bypass Protected Mode. I have even tried SECTION_ALLOW_ANY = * alone in a policy file and sections are still being blocked according to the log files being dropped by Protected Mode. Does anyone have any experience with this?

Report · Mar 02, 2021

I don't know what Acrobat considers a "section" to be, since Windows doesn't have an OpenSection or Section Handle. However, if it takes a path name, I would expect you would need the whole path name. My experience of masking in FILES_ALLOW_ANY within policy files is that it requires the complete path, allows masks only in the final section, and does not extend to subfolders.

Report · Mar 02, 2021

I have tried including the full file paths of the DLL, but I still see the same error message in the log file. CfOWHelper.dll is not included as part of KnownDlls32 from what I can see in the registry and WinObj from SysInternals.

SECTION_ALLOW_ANY = C:\Program Files (x86)\Create!form\Plugin\CfOWHelper.dll
SECTION_ALLOW_ANY = C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\CfOWHelper.dll

Report · Jan 20, 2023

Did you ever find a resolution for this issue?

Adobe Community

Protected Mode Whitelist Policy Not Working Fully