EXACTLY!!
I'm a natural for the beta tester role, as are many of the power users, and we tend to be mentally prepared for the software to mess our stuff up or act wonky.
Roll out to us _first_ and then roll out to everyone else a couple of days or a week, later.
And make the updates opt-in. Sure, it's better for security to stay fully up-to-date, but if someone wants to never update their desktop, it's on him if he gets hacked.
In commercial systems, the sysadmins should be responsible for validating and determining the necessity of updates.
