|Configuring policies / Patch policy|
Patch assessment is disabled in the default policy. Once patch assessment is enabled, computers begin an assessment. This can take several minutes. Subsequent assessments occur at the interval set in policy, which is daily by default.
If the patch agent cannot update from Enterprise Console, for any reason, it will continue to assess computers against the previously downloaded patch detections.
Computers are only assessed for security patches on software that is installed on the computer. If a new patch is released that supersedes an older patch, then patch assessment will no longer check for the presence of the older patch. Only the new patch will be assessed.