Hi toca,
What version of Patch do You use?
1. Troubleshooting of such issue depends on which Patch MAnagement Solution version You have.
a. 7.1 and older: navigate to this update applicability rule through Patch Remediation Center -> Bulletin Resource -> Update, etc. and check why the update is shown as required: the reason could be regisstry key or file of specific version, that is installed on system.
b. 7.1.SP1 and newer: Go to Client and open C:\Program Files\Altiris\Altirtis Agent\Agents\SoftwareManagement\Software Delivery\{6D41....}\cache\StPatchAssessment.xml. This file contains information why exactly this particular update is treated as required. It can be some file of specific version for example, or registry key.
2. Yes, patch will still be uncompliant for the machine, even if it is failed.
3. In Case Patch Status is Red (Failed) in Client UI, it will never be re-applied. However, You can force this update installation on client by running command line: C:\Program Files\Altiris\Altiris Agent\Agents\PatchMgmtAgent\AexPatchUtil.exe /F <UPDATE_GUID>
Regards,
Sergei