So we work with plenty of customers and we constantly are finding the situation where patches are not being seen as deployed even though the system has been restarted.
This in turn has spun off loads of "Best Practice" KACE patching discussions on platforms such as Reddit, with Quest guys waxing lyrical about "Don't ever Detect and deploy" or " Don't Download patches every 30 mins" etc etc
As KACE consultants we constantly find ourselves stuck in the middle between the customer trying to use the technology to patch in the way they need for their business to work, and Quest KACE resources believing that the most important thing is to make sure that the KACE SMA is running at an optimal level, even if that means reducing the functionality that customers are asking for.
But here is maybe where the issue actually lies when it comes to patching.
Are customer PC's actually shutting down or are they all set to use Windows 10/11 Fast Startup?
If your PC's are set to Fast Startup the truth is that the restart is not a true one and as such your KACE SMA will not be registering the restart and as such not recognising the patches the require reboots as deployed.
Could this be the main reason that your KACE system is not deploying patches?
Check this article from Windows Central to understand more and then maybe run a CIR and Script to see just how many of your systems are reporting false positives when it comes to restarts and patching.