Not so very long ago, as recently as 2016, there was debate amongst IT Pros about when to patch servers with security and cumulative updates. Security practitioners leaned toward patching immediately, while application owners were more conservative, concerned that the new update might disrupt services that have been working fine. The front-page visibility of WannaCry’s abuse of unpatched systems has likely settled that debate for now. But is it for the better?
No matter what your Organizational policy, there should be no debate about the importance of executing a full user acceptance test after the patches (or major config changes) are made. Enabling has implemented and patched thousands of Skype for Business (Lync and OCS) servers as well as Office 365 workloads and has a full test plan that you can download and execute for your peace of mind. Note each tab focuses on specific server roles / workloads.
One final word of advice. It's good idea on multifunctional apps like Skype to also run the test plan before the updates.... If there was something broken before the patch, you'd know it, and not blame the patch or roll it back without a cause.
May your Tuesday evenings be safe and well tested!
PS – if you do need to roll back updates, see the Section labeled: “Uninstall the cumulative updates” at https://support.microsoft.com/en-us/help/3061064/updates-for-skype-for-business-server-2015