Has anyone come up with a way to deploy security patches that require the end user to accept a license agreement before installing the patch? This has always been an issue for me with KPM and many times the patch will just get denied in the policy to prevent it from showing as failed week after week.