What 3rd party software is at the top of your Automox update wishlist?

We’ve got some momentum going on the 3rd party software support, having just recently reached 20 titles with yesterday’s release:

We do have a section for 3rd party app requests here on our product board:

Feel free to add your wishes and votes there, or post below with the software titles that you’d love to see us add first!

Microsoft’s Power BI Desktop is one I’d like to see (both 32- and 64-bit).

The app doesn’t auto-update itself, and Microsoft releases monthly updates.


Good suggestion. I’ll see if that’s on our list of future 3rd party software to support already.

Ok I’ve confirmed its on our “top 50” list. It hasn’t been assigned to a sprint or roadmap yet, so I couldn’t hazard a guess as to when it will reach the top of the list. Once I hear that it’s in development I can let you know.

1 Like


+1, this is certainly a “nuisance” application for us to manage.

I would also add Adobe Acrobat (Paid not Reader) to the list. I believe there may be some licensing issues with this as most patch management companies only target Reader. If that’s the case I’d love to see some Worklets designed which would allow us to self-service.


Adobe Acrobat is a bit of pain because Adobe gates the updates behind a login, if I recall, and that makes it challenging to grab the update file. I just checked with the team working on 3rd party software and they let me know that they do think they have a workaround for that, which they’re going to investigate in the next sprint.

The Acrobat patches are all available publicly in the same FTP location as Reader:

Is there a way to install an Acrobat patch (.msp) using a Worklet?

SQL Server Management Studio.
RingCentral Apps (Phone and Meetings)


Do you know how the patch gets executed? Do you run the .msp file or is there some other method. As long as we can figure out the command to run the patch, then we can do it via a worklet.

msiexec.exe /p “Acrobat2017Upd1701130171.msp” /qn /norestart /log output.log

Here is an example for patching Acrobat 2017 but it holds true for 2019 as well. The key is to check if the Adobe process is currently running before applying the patch. These updates require the application to be closed.

It’s via the .MSP file. I set up a worklet with just the remediation code to patch a machine that I know needs the patch. It seems to run without error, but does not actually patch the software. Perhaps it’s because the process is running (per Chris_2.0’s comment).

Yeah you might need to look for and shut down any open Adobe applications you’re trying to patch. I know that our 3rd party team has to deal with that for several applications that we patch.

Tableau is one for me. We have an increasing footprint. At the current moment I have to remote in to the staff member’s computer and enter admin creds to approve the install.

Tunnelbear (VPN) deployment via .exe They don’t offer .msi options.

1 Like

You should be able to deploy Tunnelbear as an exe using a Required Software Policy, as long as it has flags for a silent install that you can put in the installer command field. If you can find any documentation on install flags for their exe then I can help you get everything setup correctly.

Sadly, it doesn’t look like it is going to work out. Here is the response I got from Tunnelbear, “We don’t currently do not support silent installing due to various factors, but we’re always looking to expand our support if there’s sufficient demand. We’ve do see the benefit for our Teams users and it’s on the drawing board, however I cannot give an ETA on when something like this would be implemented.” Thanks for offering to assist, though. Much appreciated.

That’s a bummer. Hopefully if enough of their customers ask for it they’ll add that to their roadmap.

@Chris I wanted to circle back on your comment in case this helps you. We might have found a better way to handle PowerBi Desktop. The MSI package requires manual maintenance but the version in the Microsoft Store App automatically handles updates. As an added bonus, we can push this App automagically through Intune and even use AD group level targeting. Hoping to put an end to this game of wack-o-mole once and for all.


Thanks for the heads up!