Is there any filter so you can remove versions of updates, for example .net (when you scan)? We just want to patch updates and not version. Becomes quite tricky if you are going to make a patchgrups on every version and then exceptions them.
The most you can filter is down to the version of the product as is shown in the screenshot below:
Are you saying that you are automatically updating from .Net 4.6 to .Net 4.7 for example? If that is the case then make sure you are not using software distributions because that will update from one version of product to another.