With MS09-035 it may be more of a Microsoft issue, however, with KB969898 it seems to be a reporting issue with Altiris.
 
I know there was already this thread that was open:  https://www-secure.symantec.com/connect/forums/ms09-035-kb973544-isnt-detected-applicable
but, as stated in that thread, MS did re-release this patch and i've been trying to get this last segment for over a week now.

MS09-035 as i'm sure most know is a wonderful mess of a Visual Studio patch.  They've already re-released it once.  I've gotten to the point where I have 35 machines remaining that need different portions of the patch and no matter how many times i've installed it, it keeps showing up as vulnerable. I've tried through the patch cycle, manually installing it, deploying from DS, even ripping it apart and using the msp within it (as suggested by a post I saw online about a conflict when VS wasn't installed with a 'typical' install or without Visual C++).  No dice.  Pretty much all of them need some combination of:

vs80sp1-kb971090
vs80sp1-kb973673
vs90sp1-kb971092
vs90sp1-kb973675
 

As for KB969898, it seems there's a reporting issue with any 2008 servers (there are a few others on the list, but the bulk are Server 2008)  It keeps saying they're vulnerable, but after some testing, the patch no longer applies or has already been applied.  I have over 30 machines still listed as vulnerable for this as well.

Any help is greatly appreciated.

Rich