When setting up a deployment job it would be nice to be able to select from the list of assets that are missing the patches instead of having to build the list by hand or use a tag.
If you're goal is to push a single patch to all machines that are missing that patch, why not target all machines? If the patch isn't required, the machine will be skipped. This way you're letting the platform do the work of identifying which machines need the update rather than manually building a list of targets.
Was not sure if PM would still have the machine check if the patch is required and waste resources. If the UI just skips over it then this should be fine.
Retrieving data ...