Adobe can’t seem to make up their mind whether they’re going to be convenient and provide a .msi for each incremental update to Adobe Reader or not. Unlike Adobe Acrobat, where the updates have to be slip-streamed into the base installer (as demonstrated previously with Adobe Acrobat 9.3.2), the Adobe Reader .msi is fully prepared with each update, you just have to extract it from the .msi. Adobe has just posted a Security Bulletin for Adobe Flash, Adobe Reader, and Adobe Acrobat, so this information may come in handy soon.
I recommend downloading the latest Adobe Reader installer (currently 10.0.1) from the Adobe FTP location for hassle-free access directly to the files.
With Reader X, Adobe switched the installer from being NOS compressed to using 7-Zip for compression. 7-Zip is free and very handy, so you should have it installed if you don’t already. With 7-Zip installed, right-click on the executable and go to 7-Zip -> Open archive.
With the archive opened in 7-Zip, drag the AcroRead.msi and Data1.cab to the folder you’d like. The Setup.ini can also be handy if you’re using Adobe Customization Wizard to create a transform. Copy them up to your deployment server and you should be all set.
If you don’t want to use 7-zip, you can alternatively use command-line switches to extract the files from the installer. To extract the files to C:>Adobe Run: AdbeRdr1001_en_US.exe -sfx_o”C:adobe” -sfx_ne
Once you have your AcroRead.msi and Data1.cab, you can use these files to deploy the software using your normal procedure.
In other news, Adobe posted a security advisory today announcing a vulnerability in Adobe Flash Player 10.2.152.33 and earlier versions which also affects Adobe Acrobat and Adobe Reader. Adobe Flash Player and Acrobat are scheduled to receive an update that will correct this vulnerability during the week of March 21st. Interestingly, Adobe has decided to not address Adobe Reader’s vulnerability until it releases its next quarterly update on June 14th.
You can read more details about the vulnerabilities and the reasoning behind not including Adobe Reader in the immediate patching at the Adobe Security blog.