Showing results for 
Search instead for 
Did you mean: 
Create Post

Table of Third Party Patches - Updated 01/11/2021

Simplify and automate these patches and more with SolarWinds Patch Manager.

The Patch Manager catalog contains the following products:

Vendor Applications Latest Version Last Updated On
7-Zip 7-Zip 19.00 02/28/19


Air 04/26/19
Flash Player (ActiveX, Plugin & PPAPI) 12/08/20
Shockwave 04/01/19
Apache Tomcat v7 7.0.107 11/23/20
Tomcat v8.5 8.5.61 12/08/20
Tomcat v9 9.0.41 12/08/20


Apple Application Support 8.6 07/31/20
Apple Mobile Device Support 10/22/20
iTunes 11/17/20
Citrix Workspace 12/17/20
FileZilla FileZilla Client 01/07/21
Foxit Foxit Enterprise Reader            12/09/20
Google Chrome 87.0.4280.141 01/06/21
Google Earth 07/29/20
KeePass KeePass 2.46 09/10/20
Malwarebytes Malwarebytes 12/09/20
Microsoft Skype 12/30/20


Firefox 84.0.2 01/06/21
Firefox ESR 78.6.1 01/06/21
Thunderbird           78.6.0 12/15/20
SeaMonkey 11/17/20
Notepad++ Notepad++ 7.9.2 01/01/21
Oracle Java Runtime Environment 8u271 10/20/20
OpenJDK OpenJDK 8u275 11/11/20
Opera Opera 73.0.3856.329 01/06/21
PuTTY Putty 0.74 06/27/19
RealVNC VNC Server 6.7.2 06/04/20
SolarWinds Dameware MRC Standalone 12.1.1 04/03/20
Dameware MRC Centralized 12.1.1 04/03/20
Patch Manager WMI Providers 2019.4.0.125 03/06/20
Security Event Manager Agent 2020.4 11/18/20
UltraVNC UltraVNC Server 12/06/20
UltraVNC Viewer 12/06/20
VLC VLC Media Player 3.0.11 06/16/20
VMware VMware Tools 11.2.1 12/10/20
WinRAR WinRAR 6.00 12/07/20
WinSCP WinSCP 5.17.9 11/20/20
WinZip WinZip 25.0.14273 10/01/20
Wireshark Wireshark 3.2.10 / 3.4.2 12/18/20
Zoom Zoom 5.4.7 12/21/20


Change History (current month + 2):


  • FileZilla Client
  • Google Chrome 87.0.4280.141
  • Mozilla Firefox 84.0.2
  • Mozilla Firefox 78.6.1 ESR
  • Notepad++ v7.9.2
  • Opera 73.0.3856.329
  • Skype


  • Citrix Workspace
  • Mozilla Firefox 84.0.1
  • Skype
  • Wireshark 3.4.2 / 3.2.10
  • Zoom 5.4.7


  • Mozilla Firefox 84.0
  • Mozilla Firefox 78.6.0 ESR
  • Mozilla Thunderbird 78.6.0
  • Opera 73.0.3856.284
  • Skype


  • Apache Tomcat 8.5.61
  • Apache Tomcat 9.0.41
  • Citrix Workspace
  • Malwarebytes
  • Opera 73.0.3856.257
  • VMware Tools 11.2.1
  • Wireshark 3.4.1 / 3.2.9


  • Foxit Enterprise Reader


  • Flash Player
  • Skype
  • Zoom 5.4.6


  • UltraVNC Viewer
  • UltraVNC Server
  • WinRAR 6.00


  • Google Chrome 87.0.4280.88


  • Mozilla Thunderbird 78.5.1


  • Apache Tomcat 7.0.107
  • Opera 72.0.3815.400
  • SeaMonkey


  • Google Chrome 87.0.4280.66
  • Mozilla Firefox 83.0
  • Mozilla Firefox ESR 78.5.0
  • Opera 72.0.3815.378
  • Apache Tomcat 8.5.60 / 9.0.40
  • Apple iTunes
  • Mozilla Thunderbird 78.5.0
  • SolarWinds Security Event Manager Agent 2020.4
  • WinSCP 5.17.9
  • Zoom 5.4.3


  • Skype


  • Flash Player
  • Google Chrome 86.0.4240.198
  • Mozilla Thunderbird 78.4.3
  • OpenJDK 8u275
  • Opera 72.0.3815.320
  • Zoom 5.4.2


  • Google Chrome 86.0.4240.193
  • Mozilla Firefox 82.0.3
  • Mozilla Firefox ESR 78.4.1
  • Mozilla Thunderbird 78.4.1
  • Opera 72.0.3815.211


  • Google Chrome 86.0.4240.183
  • Malwarebytes
  • Opera 72.0.3815.207
  • Skype


  • Citrix Workspace
  • Notepad++ v7.9.1


  • Apple iTunes
  • Apple Mobile Device Support
  • Malwarebytes
  • Mozilla Firefox 82.0.2
  • Mozilla Thunderbird 78.4.0
  • Opera 72.0.3815.186
  • Wireshark 3.2.8 / 3.4.0
  • Zoom 5.4.1


  • OpenJDK 8u272


  • FileZilla Client 3.51.0
  • Google Chrome 86.0.4240.111
  • Java Runtime Environment 8u271
  • Mozilla Thunderbird 78.3.3
  • Mozilla Firefox 82.0
  • Opera 71.0.3770.284
  • Opera 72.0.3815.148


  • Mozilla Firefox ESR 78.4.0


  • VMware Tools 11.2.0 
  • WinSCP 5.17.8


  • Opera 71.0.3770.271


  • Flash Player
  • Mozilla Firefox 81.0.2
  • Skype
  • Zoom 5.3.2


  • Apache Tomcat 8.5.59
  • Apache Tomcat 9.0.39


  • Mozilla Thunderbird 78.3.2
  • Google Chrome 86.0.4240.75
  • Opera 71.0.3770.228


  • Mozilla Firefox 81.0.1
  • WinZip 25.0.14273
  • Citrix Workspace


  • Mozilla Firefox ESR 78.3.1


  • Opera 71.0.3770.198
  • Skype


  • Citrix Workspace
  • Foxit Enterprise Reader
  • Malwarebytes
  • Mozilla Thunderbird 78.3.1
  • Notepad++ v7.9
  • Zoom 5.3.1


  • Skype
  • Wireshark 3.0.14 / 3.2.7


  • Apache Tomcat 7.0.106
  • Apple iTunes
  • Apple Mobile Device Support
  • Google Chrome 85.0.4183.121
  • Mozilla Firefox 81.0
  • Mozilla Firefox 78.3.0 ESR
  • Mozilla SeaMonkey 2.53.4
  • Opera 71.0.3770.171
  • Zoom 5.3.0


  • Apache Tomcat 9.0.38
  • Citrix Workspace
  • Opera 71.0.3770.148


  • KeePass 2.46
  • Mozilla Thunderbird 78.2.2


  • Skype


  • Flash Player
  • Google Chrome 85.0.4183.102
  • Opera 70.0.3728.178
  • Zoom 5.2.3


  • Skype
  • FileZilla Client 3.50.0
  • WinZip 25.0.14245


  • Malwarebytes
  • Mozilla Firefox 80.0.1
  • Mozilla Thunderbird 78.2.1
  • Opera 70.0.3728.154
  • Zoom 5.2.2


  • SolarWinds Security Event Manager Agent 2020.2.1


  • Citrix Workspace
  • Google Chrome 85.0.4183.83
  • Mozilla Firefox 80.0
  • Mozilla Firefox ESR 78.2.0
  • Mozilla Thunderbird 78.2.0
  • Opera 70.0.3728.133


  • Google Chrome 84.0.4147.135
  • Opera 70.0.3728.119
  • VMware Tools 11.1.5
  • Zoom 5.2.1


  • Wireshark 3.0.13 / 3.2.6


  • Flash Player
  • Opera 70.0.3728.106


  • Google Chrome 84.0.4147.125


  • Mozilla Thunderbird 78.1.1


  • Opera 70.0.3728.95


  • Google Earth
  • Skype
  • Mozilla Firefox 79.0
  • Mozilla Thunderbird 78.1.0
  • Zoom 5.2.0


  • OpenJDK 8u265
  • Apple iTunes
  • Apple Application Support 8.6  
  • Foxit Enterprise Reader                   


  • Opera 70.0.3728.71
  • Google Chrome 84.0.4147.105 
  • Mozilla Firefox ESR 78.1.0 
  • WinSCP 5.17.7


  • Mozilla Thunderbird 78.0.1


  • Mozilla Thunderbird 78.0
  • Java Runtime Environment 8u261
  • OpenJDK 8u262


  • Flash Player
  • Notepad++ 7.8.9
  • Opera 69.0.3686.77


  • FileZilla 3.49.1
  • Google Chrome 84.0.4147.89


  • Mozilla Firefox 78.0.2
  • Mozilla Firefox 78.0.2 ESR
  • Zoom 5.1.3


  • Opera 69.0.3686.57
  • Skype


  • Apache Tomcat 7.0.105
  • SeaMonkey 2.53.3


  • Apache Tomcat 8.5.57
  • Apache Tomcat 9.0.37
  • Zoom 5.1.2


  • Opera 69.0.3686.49


  • Malwarebytes
  • Mozilla Firefox 78.0.1 ESR
  • Mozilla Firefox 78.0.1
  • Mozilla Thunderbird 68.10.0
  • Wireshark 3.0.12
  • Wireshark 3.2.5


  • Mozilla Firefox 68.10.0 ESR
  • Mozilla Firefox 78.0
  • Zoom 5.1.1
Labels (1)

They are listed in the table.  The table was created in early May and there have been no patches for these applications since the time of creation.

I'm guessing we can treat this like a ''sticky" and check up every so often, eh? Thanks!

Actually, we are building out an automated way to get notified of changes to this table, along with a lot of other patch mgmt best practices and related content.  Stay tuned.

Looking forward to it. Thanks!

Hi Grandgroove, checkout Patchzone!  This is the community I was referring to in my note above.

Thank you for the link. I will check it out.

Will there be an upgrade package available for Adobe Reader 11.0.1? I'd like to get everyone on 11.0 updated, but I don't want to approve the non-upgrade package and have it push out to every system.

I checked the Adobe FTP site, and I didn't see a .MSP rollup file. That's usually when the upgrade-only patches get released. If that turns out to be the case, you can make a duplicate of the new Reader package and add prerequisites to check for an existing Adobe Reader installation.

The Adobe Reader 11.0.1 update is available from the Adobe Reader v11 catalog, as were the Adobe Reader v10 updates.

The Adobe Reader v11 catalog is available at:

Please see SolarWinds KB4460 for guidance on how to synchronize the new Adobe v11 catalogs with Patch Manager.

We have provided a Full Installation package for Reader v11.0.1, as we have done in the past for Reader v10 (when available), and will likely continue to do so.

I see Foxit PDF Reader is a new addition.  Although I am glad to see new software being added, I am disappointed Foxit PDF Reader was chosen over PDF-XChange Viewer.  PDF-XChange Viewer has all the features of Foxit with the additional ability to markup and save a PDF. 

The brings up the question about how additional software suggestions are submitted to PM?  I would really like PM to consider PDF-XChange Viewer:

"The No.1 rated BEST PDF Reader - as voted by Life Hacker Readers by a 2-1 margin for the 2nd year in a row!"

Thank you for the feedback, Mark. As it happens, we had not previously heard any requests for Tracker Software's PDF-XChange Viewer, but now that you've asked, I've forwarded your request to the packaging team and it will be added to the list. You can also post messages in the Patch Manager Feature Requests discussion area.

Why are we experiencing such delays while receiving Java packages?  JRE7_U13 isn't available yet.  JRE7_U11 was quite delayed as well, I had to make my own packages for it.

Adobe Flash 11.5.502.149 was released by the vendor on 2/7(Adobe - Security Bulletins: APSB13-04 - Security updates available for Adobe Flash Player).  This appears to be a fairly serious security flaw.  Can we expect this to be released to Catalog today?  Thanks!  -mark

Chris, I'm not understanding your compliant.

JRE7u11 was released by Oracle on Sunday, January 13 and was published to the Patch Manager catalog on Monday, January 14

JRE7u13 was released by Oracle on Friday, February 1 and was published to the Patch Manager catalog on Tuesday, February 5 (which is actually a bit misleading because the update was actually published around midnight Monday evening Feb 4).

In both cases, the updates were published to the catalog, the next business day after the vendor had publicly released the update.

It is not our practice to make announcements or promises as to when products or update packages will be released, but you can see from the data in the post above what our performance metrics have been for the past month, and the past year's delivery dates are documented in the attached worksheet. I encourage you to draw your own inferences from our historical delivery data.

Specifically, as regards Adobe Flash v11 (the v10 dates are identical) for the past six months:

11.5.502.146: Released by Adobe - Jan 8; Published to Catalog - Jan 8

11.5.502.135: Released by Adobe - Dec 11; Published to Catalog - Dec 11

11.5.502.100: Released by Adobe - Nov 6; Published to Catalog - Nov 6

11.4.402.287: Released by Adobe - Oct 8; Published to Catalog - Oct 9

11.4.402.278: Released by Adobe - Sep 18; Published to Catalog - Sep 19

11.4.402.265: Released by Adobe - Aug 21; Published to Catalog - Aug 21

Published to the Catalog at 9:30pm. 🙂

In addition to JRE 7u17, Oracle has released the final-final patch for JRE6: JRE6u43. Java Downloads for All Operating Systems Version 6 Update 43

That is correct, Andrew. The omission of the JRE6 update was my error, I assumed that since Oracle said No More Java6 Updates after 2/28/13, that's what they meant. Now we'll get to see how many more zero-day exploits it takes before they actually do quit releasing JRE6 security fixes.

This post and the attached worksheet will be updated to reflect the JRE6 update when I post the update for publishing to the catalog.

I don't understand why you have packages for adobe acrobat 9, and adobe reader 11, but not adobe acrobat 11?  Why not include adobe acrobat 11 with adobe reader 11 packages?

In addition, there is not an 'Upgrade' package for this latest version of adobe reader.  However there was an upgrade with version  Why the inconsistency?

I would like to see standalone and upgrade packages for both reader and pro for each new version just like we see for java and flash.  I find myself spending way to much time developing these packages myself.

We do not duplicate any content already provided direct by the vendors.

Adobe provides the following catalogs, which are configured to sync in Patch Manager automatically:

  • Adobe Systems Acrobat 10 Catalog
  • Adobe Systems Acrobat 11 Catalog
  • Adobe Systems Reader 10 Catalog
  • Adobe Systems Reader 11 Catalog

The packages for Acrobat 9 are created because Adobe does not publish an Acrobat v9 catalog, and the Reader v10 and Reader v11 packages published by SolarWinds are FULL INSTALL packages only .... because Adobe does not package Full Installers, only Update packages.

Your observation is correct, generally none of the Reader v11 packages came in "upgrade" packages. We did package an upgrade package for v11.0.0.379 because Adobe did not. Possibly because it was not a security update. I would have to check with the packaging group to get the specific details on that decision.

So, in general, all of this is driven by the first sentence in this reply. We do not duplicate what Adobe provides in its own Reader catalog, and we don't package any Acrobat v10 or v11 content.

Any updates on this "automated" way?

Certainly. Just "subscribe" to the document. On the right side of the screen in the menu select the option to "Receive email notifications". Anytime this document is updated, you'll get an email notification.

In addition you can subscribe via RSS feeds to some or all of the "Patch Manager" forums content on Thwack. From the Patch Manager forums main page, select "View feeds" in the Actions menu on the right side of the screen. That will take you to the RSS feed list for the Patch Manager forum. You can subscribe to just "Documents", for example, which would basically be this document as I don't think we have any other "documents" posted at this time, but I'd suggest just subscribing to the "All Content" feed.

The "All Content" one is too much info for me.  Adding just the "Documents" link yields no RSS info.  Does the RSS feed need to be updated on your end to include the Patch Manager .xls sheet?

I just subscribed to the "Documents" feed, and it returned four items.. which is an accurate reflection of the content. The documents are related to how to disable automatic updates for each of the products Foxit, Chrome, iTunes, and WinZip, dated from 5/10 to 5/27.

I presume that the 3rd Party Updates document will push into that feed as soon as its update, and I do have an update to post momentarily, so we'll know shortly. 🙂

In addition to the Patch Manager forum feeds, the document is also available from the PatchZone blog feed and that feed is working.

Looks like it's working now. Thanks.  Is there anyway to create a static link to the document so I can link right to it, rather than this page itself?

Yes, right click on the XLS link at the bottom of the page and "Copy shortcut" from the context menu.

The direct link is:

I believe I tried that, but doesn't the link change when the file is updated?

Sent from my iPhone

Good point. I believe it does, as we "remove" the attachment and then "add" a new attachment when the spreadsheet is updated.

Please add the JAVA 1.7 JDK to the 3rd party patch list.

For requests for products to be added to the catalog, please post in the Patch Manager Feature Requests forum so that it will be seen by Product Management.

I’m not seeing the latest version of Firefox in Patch Manager. I updated the catalogs and ran a sync.


Thank you for directing me to the right place. Ideal has been created.

Brandon, I did a sampling of support and dev people inside SolarWinds who regularly sync content to their own Patch Manager installations, and nobody has experience similar issues. Likewise, I've not seen any issues on my own environments. Is the Firefox update the only one missing? If so, what happens if you launch a manual synchronization? If the sync fails, or if the Firefox package is still not present, my best suggestion is to open a support ticket via

It showed up today when I checked. I wonder why the manual sync yesterday didn’t work. Are there other refresh settings related to the WSUS server I might need to modify?


What time yesterday (GMT) did your synchronization event run?

There are no other requirements. Synchronization is best handled as a scheduled event, and at the current time the best synchronization time to get the content as early as possible is about 1500-1600 GMT. If you synchronized earlier than 6/26 1500GMT, that would be one possible explanation.

That happens to me on occasion. Once this thread is updated with news of a new update being available, I usually give it a couple of hours before I attempt sync. It sounds like you might have synced at just the right time window to where it wasn’t quite ready.

Actually that experience should NOT be occurring.

By the time I get the notifications that updates have been published to the catalog, it's typically 30-60 minutes after I receive the notification that those updates are announced in this post.

I'll double-check with our teams to make sure that the catalogs are being published before the announcements are being pushed internally.

The other thing I'll point out here is that the best practice is to configure Patch Manager to schedule a daily synchronization (we publish updates almost daily) and to enable email notifications from the Patch Manager server that updates have been received. It's much more of a reliable task to automate the process and let the Patch Manager server get that content and tell you when it's actually there, than it is to monitor this post (which sometimes, to be sure, may not be updated for several hours after actual availability, depending on other activities in my work schedule) and then launch a synchronization in response.

Generally speaking, updates are published to the catalog by early morning -- it's now an overnight process for the most part -- so the optimum time to synchronize the SolarWinds catalog would be 1500-1600 GMT.

I may have overstated the occurrences. We have had Patch Manager for three years, and we are talking perhaps 5-6 total. We have a nightly scheduled sync at 11:00pm, and then I usually run a manual sync whenever there is an announcement of an update that we need. I just thought that the condition may be similar to what the other user was reporting.

Almost every time I publish an update it shows up in the Third Party Updates section, but says it's not downloaded (even though part of the publishing process was to download the file).  Upon republishing, it usually works, but sometimes I have to do it a third time.  Any ideas why?


There is a known issue when downloading/publishing content using the Package Download Assistant that does not auto-refresh the package list.

If you are downloading/publishing content that can be Direct Downloaded, a refresh is auto-generated

-Lawrence (from the Blackberry)

Even after refreshing it shows the package isn’t downloaded. If it shows not downloaded, can I still deploy it?


Typically this is an indication something was holding the content during publishing (probably AV software). McAfee seems to be the most common culprit.

Okay.. my previous reply, from the Blackberry, suffered from not being able to see the image... the subsequent reply did add some context, but the image makes the biggest difference.

"Downloaded" to the WSUS Server is a completely different thing than "Downloaded" to Patch Manager as part of the publishing process.

The reason the image above shows "not downloaded" is simply because the update is Not Approved. Once you add an Approval to that update, WSUS will simulate downloading the file (because, in fact, it's already there), and the icon will then show as "downloaded".

Strange…I wonder why it only happens sometimes then? An initial publish/download sometimes shows the downloaded icon, and sometimes I have to republish\download for it to work. I’ve never tried simply approving it and checking if the icon changed. I’ll try that next time.


What is this new ESR version of Flash I see?


ESR = "Extended Support Release". The ESR program is the maintenance of the downlevel version of Flash Player.

Flash Player v10 has reached End Of Life. The last release of Flash Player v10.3 was on June 11, 2013. Effective July 9, 2013, the ESR program now publishes Flash Player v11.7. (Flash v11.8 is the current release.)

No new significance in the process, really, just the explicit labelling of this older version as "ESR" (which we had not been doing previously).

Why would one want to stay on 11.7 ESR rather than upgrading to 11.8?


The most likely reason, given that Flash v11.8 is a brand new "feature" release, is that some organizations are a bit more conservative about deploying "feature" releases of products, than they are security updates.

Given the choice between v11.8.800.94, which contains new functionality (not yet tested by most organizations), and v11.7.700.232 ESR (which only contains security fixes, such is the purpose of the Extended Support Release program), there are likely many organizations who will choose to deploy v11.7.700.232 now, and v11.8.<whatever> later.

Version history
Revision #:
147 of 147
Last update:
a week ago
Updated by: