To understand Acrobat's release cycle, I'll point you to this page.
To summarize, Adobe has two type of patch releases: quarterly, and out of cycle security fix (and these happen quite often). However, to create a network installation point, one that is using msi deployment methods and fully up to date (9.3.3 as of writing) you have to follow a specific update path - you're only allowed to patch your AIP using quarterly patches. Again, that is outlined in the link above.
For creating 9.3.3 AIP: 9.3 > 9.3.2 > 9.3.3
For creating 9.3.2 AIP: 9.3 > 9.3.2
For creating 9.3.1 AIP: 9.3 > 9.3.1
This means, if you have created a 9.3.1 AIP, you'll have to do whole process from 9.3 start again, because 9.3.1 was a security patch.
Today, I need a 9.3.3 AIP, so here's the steps I used:
1) Download 9.3 from here.
2) Extract setup package into its source (.msi):
AdbeRdr930_en_US.exe -nos_ne -nos_o"aip_directory"
Info on the switches can be found here.
3) Download 9.3.2 and 9.3.3 patches from here.
4) Apply 9.3.2 to the AIP like this:
msiexec /a "aip_directory\AcroRead.msi" /p "AdbeRdrUpd932_all_incr.msp"
5) Apply 9.3.3 to the AIP like this:
"msiexec /a aip_directory\AcroRead.msi /p AdbeRdrUpd933_all_incr.msp"
Now your aip_directory will contain a fully patched (9.3.3) version of Acrobat Reader. You can simply deploy the .msi file in it.
EDIT (Dec 20, 2010): Adobe changed some of the links, so I update the links to reflect the chanage. I tested the procedure for Acrobat Reader 9.4.1.