I do not want to upgrade my clients from Win10 to Win11. We currently have other tools for that and I have a requirement where some of my machines CANNOT be upgraded accidentally.

Using Vulnerability Manager Plus, is there something I can do to help ensure I don't accidentally upgrade them? Is there a patch classification that the upgrades all fall under, like Feature Packs or Optional Updates that I could exclude from auto deployment?

(I'm trying to automate as much as possible but I don't want to deploy 10->11 upgrades.)