With all the hacks going on out on the net today, patching your machines is more critical than ever.

Microsoft is releasing 16 Patches, 9 of which Microsoft deems critical. Patches include Windows, Office, and .Net, and all attempt to address RCE attacks.

Oracle has also released a major patch for Java in the past few days which addresses a number of security vulnerabilities. Adobe has patches out recently for Flash, Apple is playing whack-a-mole with malware, and basically there is a lot of patching to do.

Don’t forget though, with all these patches, to test them before deploying them. It doesn’t happen very often, but some patches can break your software.

Just over a month ago, I decided to get a Nook Color. Now after a month of using it, here is the good, and the bad.

I have friends who have the Kindle, and family with the regular Nook, but I wanted something more than just an e-reader, since I would be using it for IT related items. An iPad or Galaxy Tab were right out of my budget, as much as I felt a tablet would be fantastic. Besides their higher initial fees, then you needed a monthly data plan for 3G. Sorry but I’m not going to cut down on what I spend on items I really need, like food, just to have a tablet. I had been hearing good things about the e-readers out there, but everyone agreed that the web experience was not as good, and PDF rendering was poor at best. Then I saw the Nook Color, and I did a double take.

The Nook Color is the next generation of Nook e-readers. Yes it did away with the e-ink display. This allows for better web site viewing. The drawback is a bit more reflections when reading in bright light, although I have not had a major issue with that. The special coating that Barnes and Noble say they put on the touchscreen to help cut down on the glare seems to do its job decently.

The Nook Color runs on Android 2.1, with a special front end which was developed with help from Adobe. The fact that it is Android 2.1 is noticeable in speed and sensitivity of the touchscreen. while not completely awful, if you don’t do a hard power down every now and then, the lag time between opening a book, and the time it opens becomes unbearable, let alone the slowness of page turning. I haven’t had to do a lot of reboots, but once every few weeks seems to do the trick. This isn’t a game breaker for anyone, but more of an annoyance. It should get better with Froyo when that comes out early in 2011, but there is no exact time frame on it arriving. Also coming out in Early 2011 is supposed to be a marketplace, which I am curious to see. I really feel that the Nook Color could become the perfect thing for students, but alas while you can view Word Documents, you can’t edit or create them. I am hoping that sort ability comes from apps in the marketplace.

There are some other disappointments with the Nook Color also. One being that Watermarked PDFs do not open. I haven’t tried the DRM PDFs, which are supposed to open on it, but the watermarked ones will not. Regular PDFs open nicely, but if there is graphics behind the letters, you well get a light red X on the screen because it cannot display the graphics properly, which is another annoyance. Yes you can still read the PDF with the red X through it, or at least I could, but this is something else they might want to fin a solution for. I know plenty of people who play RPGs, and while the Nook Color is better than the Kindle or regular Nook for dumping all those source books onto, the Watermark and red X issues do cause pause for thought. Considering Adobe helped with the technology behind the Nook Color, these issues are a bit surprising.

The Nook Color comes with WiFi only, no 3G. Considering how much WiFi is out there now this isn’t that big of a deal, although it would be nice to see some sort of plug in 3G modem that would work with it. Web browsing is as good as any Android device, although it won’t have flash until Froyo comes out for it.

Small thing to note if you do decide to get the Nook Color, it is larger than the regular Nook. As of the last time I went into Best Buy, they still did not have any cases for the device, and had no clue as to when they would have cases. Barnes and Noble stores do have the cases plus the devices.

Overall, the Nook color is a solid device, and I have been enjoying it. I keep my tech books on it, along with some magazine subscriptions, and find it very nice that I don’t have to carry 1000 page tech books anymore. For $250 you get a mini tablet that really can become a full tablet and overtake the market if Barnes and Noble make the right choices.

Keeping up in the IT world, you come across all sorts of interesting things. You also start seeing patterns that can almost be seen as a microcosm to the rest of the world. With all the focus on Swine Flu lately, you can see some similarities between the way it is being presented and say, Cornficker.

Swine Flu is still making headlines, while Cornficker has done exactly what I figured. It feel from the spotlight, and it fell hard. So hard that the FBI complained about the over-hype and problems that the over-hype caused. Now we are seeing that exact same over-hype with the whole Swine Flu health issue, but no one will ever say it was over-hyped. Cornficker, by the way, has one variant that is about the self destruct, while most of the others have been turning into spam-bots, creating a very large botnet.

The Swine Flu is a nasty illness, but it is being called an epidemic, when in reality such a small portion of people are getting it, and an extremely small amount are dying from it. Yes it is nasty, and yes it needs to be fought, but it doesn’t seem to be any more widespread than any other influenza, just a strain that is more rare.

So one has to wonder, with the latest Zero-Day Adobe Exploit, what we are doing about it. The answer is nothing. People are supposedly waiting for the patch for the newest exploit, yet they still haven’t applied the patches for the prior exploit. Mind you, these things get no press, even though they can be just as dangerous as anything else out there.

Yes, you should test patches before deploying them, but you need to have a plan and a time frame that is not insanely long for a decision. The patches for exploits out in the wild (zero-day) should be deployed as fast as possible. It is simple common sense.

Of course, common sense isn’t so common anymore. Just look at the plan on the Swine Flu “epidemic”.  It consists of scaring everyone to death, hurting the economy because of travel bans, and basically hyping the hell out of it until we become complacent and don’t even listen to the people who are basically crying wolf constantly about it.

Hype can be good, but in this day and age, we over-hype so much so fast that I have to wonder, “What are we thinking?”

It is interesting watching how different companies look at patches, and security holes. It is more interesting to see one giant seem to fail at prompt patching for a Zero-Day exploit, while another gives a basic time frame and is pretty much right on as far as when the fix will be out. Of Course the two companies I am talking about are Adobe, and Microsoft.

Adobe released the patch for the JavaScript Vulnerability in all of its Acrobat products this past week. They had said they would have patches out by the 18th, when the flaw was pointed out by Symantec back in February. That is pretty prompt if you ask me. They acknowledge a serious flaw, say when they hope to have a patch available to close it, and then hit that time frame.

The fact of the matter is a great many pieces of software, both closed and open source, take these flaws and vulnerabilities seriously, and are very prompt in patching the holes. Yeah you hear Opens Source people talk about how much quicker they are able to patch things, but they tend to refer to Microsoft, and don’t think about all the other companies out there.

That does bring us to case 2, which just happens to be Microsoft. Back in January, a Zero-Day exploit in Excel was found. Now if a flaw like this had been found in Internet Explorer or Windows, we might have a patch for it already, probably released Out Of Band (not on the normal patch Tuesday every month). Instead, with it only being Excel, we are nearing the end of March, and still no patch for it. Now mind you this exploit was found a month before the Adobe one. Last I check, Excel was a very popular program, used by a lot of individuals and companies. Yet, Microsoft still has no patch for it.

Sure you can say that Excel is a complex program, but so is every program out there in this day and age. Sure you can say that Microsoft is working on it, except I haven’t heard anything about a patch from Microsoft. No expected time frame on getting a patch out, no nothing. Yes, this is the sort of thing the Open Source people feed on, and I can’t blame them.

I use both Microsoft, and Open Source software, so don’t think I’m bashing something I don’t use. Microsoft as a company has come a long way in their patch management, but they still have a long long way to go. Then again so does Linux, but that will be an editorial for another day.

I just want to know that I’m not going to have to deal with clients who get hit by the Excel exploit. Please get us our patch.