How to patch / update Adobe Reader DC with sccm

How to patch / update Adobe Reader DC with SCCM. 

Another week another security vulnerability in adobe products. Probably you have already deployed adobe reader with sccm using a custom installation, if not you can find the article here: Install Adobe Reader DC with SCCM . If you have already the product the normal way is just to update the product. In order to do this you need to download just the patch file .msp format from adobe

First let’s go to offline installer page for adobe:

All adobe products patch

https://www.adobe.com/ie/downloads/updates.html

Specific link for adobe reader patch windows 10 installation

https://supportdownloads.adobe.com/product.jsp?product=10&platform=Windows

All other adobe offline products are available here:

https://get.adobe.com/reader/enterprise/

Once I have downloaded the file, in my case was AcroRdrDCUpd1901020098.msp available on 28 feb 2018, I have created a new app named February update

- Create a app

- General, chose manually

 adobe-update-app-general-custom

- Add the name of the app

adobe-update-app-general

- Application catalog

 adobe-update-app-catalog

- Deployment Type – Add

adobe-update-app-deployment-add

- Chose script installer

 /adobe-update-app-deployment-type

- General information

adobe-update-app-deployment-general

- Content add the location and command in installation program: msiexec /p "AcroRdrDCUpd1901020069.msp" /qn

adobe-update-app-deployment-content

- Detection, here I have used the version of adobe reader , AcroRd32.exe version 19.10.20098.54430. Everything lower than this number it will be upgraded.

adobe-update-app-deployment-detection

- User experience, Install for system, whether or not ..

adobe-update-app-deployment-user-experience

- Requirements, nothing

- Dependencies, nothing

- Summary, next

- Completion , close

- Deployments type, next

adobe-update-app-deployment-next

- Summary, next

- Progress, next

- Completion, close

App creation is finished. Now distribute the app on DP's.

Deploy the app to a collection where you have all the computer with adobe dc reader. Criteria for that collection is:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_INSTALLED_SOFTWARE on SMS_G_System_INSTALLED_SOFTWARE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_INSTALLED_SOFTWARE.ProductName = "Adobe Acrobat Reader DC"

or GUI

collection_criteria

On one target computer, all good:

adobe-reader-update-applied-with-sccm

adobe-reader-update-applied-with-sccm-success

Job done, happy sccm-ing 😊