Creating a Acrobat Reader 9.3.3 AIP (administrative install point)

Adobe has one of most convoluted way of doing patches, and as a system administrator, this is a huge headache to maintain Acrobat Reader updated across your enterprise to prevent security breaches via Acrobat.

To understand Acrobat's release cycle, I'll point you to this page.

To summarize, Adobe has two type of patch releases: quarterly, and out of cycle security fix (and these happen quite often). However, to create a network installation point, one that is using msi deployment methods and fully up to date (9.3.3 as of writing) you have to follow a specific update path - you're only allowed to patch your AIP using quarterly patches. Again, that is outlined in the link above.

Adobe Reader:

For creating 9.3.3 AIP: 9.3 > 9.3.2 > 9.3.3
For creating 9.3.2 AIP: 9.3 > 9.3.2
For creating 9.3.1 AIP: 9.3 > 9.3.1

This means, if you have created a 9.3.1 AIP, you'll have to do whole process from 9.3 start again, because 9.3.1 was a security patch.

Today, I need a 9.3.3 AIP, so here's the steps I used:

1) Download 9.3 from here.

2) Extract setup package into its source (.msi):

AdbeRdr930_en_US.exe -nos_ne -nos_o"aip_directory"
Info on the switches can be found here.

3) Download 9.3.2 and 9.3.3 patches from here.

4) Apply 9.3.2 to the AIP like this:

msiexec /a "aip_directory\AcroRead.msi" /p "AdbeRdrUpd932_all_incr.msp"

5) Apply 9.3.3 to the AIP like this:

"msiexec /a aip_directory\AcroRead.msi /p AdbeRdrUpd933_all_incr.msp"

Now your aip_directory will contain a fully patched (9.3.3) version of Acrobat Reader. You can simply deploy the .msi file in it.

EDIT (Dec 20, 2010): Adobe changed some of the links, so I update the links to reflect the chanage. I tested the procedure for Acrobat Reader 9.4.1.