Or is the Microsoft CA wildcard ONLY valid for .domain.com, and if I want to cover *.uat.domain.com too, will I need to include this in the SAN as well?
It is not Microsoft CA-specific. It is an RFC standard. A wildcard covers only one level, can appear only once in a domain name, and must be the leftmost part of the domain name. That is,
You have to include all three names in the SAN.
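
The wildcard rules stated in the answer, as an added Python sketch that is not part of the original answer or of any CA's code. The function names, the host list and both SAN lists are constructed for illustration, and the sketch assumes the wildcard is always a whole leftmost label.

```python
def san_matches(pattern: str, hostname: str) -> bool:
    """Match one dNSName SAN entry against a hostname (hypothetical helper)."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if "*" not in pattern:
        # No wildcard: every label must be identical.
        return p_labels == h_labels
    # The wildcard must be the leftmost label and may appear only once.
    if p_labels[0] != "*" or pattern.count("*") != 1:
        return False
    # The wildcard stands for exactly one non-empty label, so the
    # number of labels on both sides has to agree.
    if len(p_labels) != len(h_labels) or not h_labels[0]:
        return False
    return p_labels[1:] == h_labels[1:]


def uncovered(san_list, hostnames):
    """Return the hostnames that no entry in san_list matches."""
    return [h for h in hostnames
            if not any(san_matches(p, h) for p in san_list)]


# Constructed sample data, based on the names used in the question.
HOSTS = ["domain.com", "www.domain.com", "app.uat.domain.com"]
SAN_WILDCARD_ONLY = ["*.domain.com"]
SAN_EXTENDED = ["domain.com", "*.domain.com", "*.uat.domain.com"]

if __name__ == "__main__":
    # The single wildcard misses the bare domain and the deeper level.
    print(uncovered(SAN_WILDCARD_ONLY, HOSTS))
    # With the extra entries in the SAN, every host is covered.
    print(uncovered(SAN_EXTENDED, HOSTS))
```

Running a check like this over the planned host list before submitting the certificate request shows which names still need their own SAN entry.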