About the patch policy
The patch policy allows you to check that your computers have the most up-to-date security patches installed.
When setting up your patch policy, consider using the patch assessment Event Viewer to audit missing patches on your company's computers. It contains information about security patches and results of patch assessments. You can view patch status by computer, group, or threat after you have enabled patch assessment in the patch policy. You can access the Event Viewer by clicking .
Note Patch uses CScript.exe which can be blocked using Application Control.
If you use both Application Control and Patch, ensure that you do not block
Microsoft WSH CScript in the Programming/Scripting
tool category in the Application control policy.
By default, programming and scripting tools are allowed by application control.