> Always test updates on UAT machines before deploying the updates on production machines. Why take the risk?
Why not do both? Isn't that even less risky? Can you guarantee that if it works in the UAT machine, it will work in the production machine? Maybe there is a device driver conflict. Does your UAT machine have the exact same hardware? How about number of CPUs or RAM? Unlikely, but a bug could be triggered by some unusual combination of hardware, otherwise the patch writers would have caught it.
Ideally it should be similar, if not, good luck.
Contingency planning needs to be thorough and well-tested, so that you have a high level of confidence that it would work.