I may have misspoken when I said "You
should never experience what you're describing, pushing a
"patch" to a machine that doesn't have the software app
already installed." I think it might be possible, when
you're deploying a given patch such as Adobe AIR v17.0.0.124, to
deploy it to a workstation (managed client) that doesn't already
have AIR installed. Here's how I avoid that situation:
After
you've run a patch scan against your managed clients, go to
Patch Mgmt tab - View > All Patches (in the left margin). On the
"Missing Patches" tab, for each patch, .you'll see the
number of "Missing Systems" - click on that number and
you'll see the list of managed clients that are missing that
patch. Select as many of them as you like (< 50 at a time) and
click the "Install Patch" button.
The
patch will only get applied to those machines you selected, all of
which were detected as having an earlier version of the particular
software. This is a very cautious approach to deploying patches one
update at a time, but it sounds like your shop is very cautious. We
tend to deploy multiple 3rd party updates to subgroups of
workstations, as most of our workstations are pretty homogeneous in
terms of apps installed: They all have Adobe AIR, Flash, JRE,
Firefox, Chrome, etc.)