How to patch / update Adobe Reader DC with sccm

How to patch / update Adobe Reader DC with SCCM. 

Another week another security vulnerability in adobe products. Probably you have already deployed adobe reader with sccm using a custom installation, if not you can find the article here: Install Adobe Reader DC with SCCM . If you have already the product the normal way is just to update the product. In order to do this you need to download just the patch file .msp format from adobe

First let’s go to offline installer page for adobe:

All adobe products patch

Specific link for adobe reader patch windows 10 installation

All other adobe offline products are available here:

Once I have downloaded the file, in my case was AcroRdrDCUpd1901020098.msp available on 28 feb 2018, I have created a new app named February update

- Create a app

- General, chose manually


- Add the name of the app


- Application catalog


- Deployment Type – Add


- Chose script installer


- General information


- Content add the location and command in installation program: msiexec /p "AcroRdrDCUpd1901020069.msp" /qn


- Detection, here I have used the version of adobe reader , AcroRd32.exe version 19.10.20098.54430. Everything lower than this number it will be upgraded.


- User experience, Install for system, whether or not ..


- Requirements, nothing

- Dependencies, nothing

- Summary, next

- Completion , close

- Deployments type, next


- Summary, next

- Progress, next

- Completion, close

App creation is finished. Now distribute the app on DP's.

Deploy the app to a collection where you have all the computer with adobe dc reader. Criteria for that collection is:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_INSTALLED_SOFTWARE on SMS_G_System_INSTALLED_SOFTWARE.ResourceId = SMS_R_System.ResourceId where SMS_G_System_INSTALLED_SOFTWARE.ProductName = "Adobe Acrobat Reader DC"

or GUI


On one target computer, all good:



Job done, happy sccm-ing 😊