HI Nagesh,

It's depend what patch required in OS.those patch are not required it's not accept.

Check Sergei Kljujev Comments

https://www-secure.symantec.com/connect/forums/patches-not-being-pushed-all-computers-filter

Your sever (the patch policies) only target vulnerable clients ... based on their last assesment scan (this is a policy/package in your agent. Runs every 4 hours if you didn't change the configuration).

For all the products you import patch data of Altiris will create an XML which will be pushed to the clients in the Assessment scan package. The assessment scan runs on the client and goes through the list to check if a version is already up to latest patched version or not. This then gets reported to the NS and is saved in the patchdata for the client. Thats also how you get the compliance data in patch management. And as mistral said only the still vulnerable ones get targeted for download and installation of patches. IF they are included in the patch policies you set up for the bulletins.

Thanks all,

1) Can we have have path where I can seen the XML file?

2) If I have package server then where this XML file will get created?

Is it creating on Package server or NS server and share the file path for the same?

3) Where are the options for the schedule the patch CMS 7.1 MP2?

1) Altiris\Patch Management\Packages\WindowsVulnerabilityScan

2) will get created on the NS and replicated on the package servers

3)Settings 
   -Agents/Plug-ins 
   -Software 
   -Patch Management 
   -Windows 
    -Default Software Update Plug-in Policy