Ivanti EPM can scan client machines and install missing patches. As a rule patches are dedicated to a subset of operating systems (Affected Platforms) and product versions (Affected Products).
If some machines must be excluded from patching, a Query Filter can help. Some patches are applied based on registry or file condition:
Custom Script is the most flexible solution for complex set of conditions. It is used to detect patch applicability by many vendors. A Visual Basic (VBS) script should return one of predefined values (Detected, Reason, Expected, Found).
Many patching tools hide “detection logic”, make troubleshooting more difficult. EPM Admin can analyse detection script if patch does not work as expected.