Meltdown and Spectre exploit critical vulnerabilities in modern processors

man standing showing his back

These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are not typically permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.

This sensitive data might include your passwords stored in the password manager or browser, your personal photos, emails, instant messages and even business critical documents. Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider’s infrastructure, it might be possible to steal data from other customers.

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. This vulnerability basically melts security boundaries which are normally enforced by the hardware. Desktop, Laptop, and Cloud computers are effected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information. Luckily there are patches against the Meltdown for Linux, Windows and OS X operating systems.

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices into leaking their secrets.In fact, the safety checks of said best practices actually increase the attack surface and may make more applications susceptible to Spectre. Almost every system is affected by Spectre: Desktops, Laptops, cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, Spectre is verified on Intel, AMD, and ARM processors. Spectre tricks other applications into accessing arbitrary locations in their memory. Spectre attacks involve including a victim to speculatively perform operations that would not occur during correct program execution and which leak the victim’s confidential information via a side channel to the adversary.

For everyone – whether you are a system administrator for a very large enterprise, or you have a single home computer – Install this patch as soon as it is available from your vendor. For consumers, enabling auto update ensures that patches install as soon as they are available to your computer.

Is SD-WAN right for you?

people discussing cheerfully

SD-WAN is an acronym for software-defined networking in a wide area network (WAN). Traditionally, multi-location offices have been interconnected using MPLS or VPN technology. These technologies, although more reliable, have been expensive to deploy and maintain.

With the availability of cheaper optic fibre based internet, NBN and 4G connections, SD-WAN is an inexpensive alternative to allow companies to build higher-performance WANs using lower-cost and commercially available internet access, enabling businesses to partially or wholly replace more expensive private WAN connection technologies such as MPLS. This is ideal for situations where non-real-time applications like emails and file sharing form bulk of the traffic between multiple offices within an organisation.

SD-WAN allows your company to make use of multiple lower-cost internet connections, often with different ISPs and a mix of technologies (optic fibre, NBN and 4G), to configure redundancy within the WAN. This in effect also means, that you are not tied into the same ISP for all your sites as would have been in the case of a MPLS alternative. SD-WAN allows flexibility of choosing the best ISP for each of your locations independently.

American marketing research firm Gartner predicted in 2015 that by the end of 2019 30% of enterprises will deploy SD-WAN technology in their branches.

SD-WAN products can be physical appliances or virtual appliances, and are placed in small remote and branch offices, larger offices, corporate data centres, and increasingly on cloud platforms. A centralised controller is used to set policies and prioritise traffic. The SD-WAN takes into account these policies and the availability of network bandwidth to route traffic. This helps ensure that application performance meets service level agreements (SLAs) and QoS.

Features of SD-WANs include resilience, security and quality of service (QoS), with flexible deployment options and simplified administration and troubleshooting.

  • Resilience – A resilient SD-WAN reduces network downtime. The technology features real time detection of outages and automatic switch over to working links
  • Quality of service – SD-WAN technology supports quality of service by having application level awareness, giving bandwidth priority to the most critical applications. This may include dynamic path selection, sending an application on a faster link, or even splitting an application between two paths to improve performance by delivering it faster
  • Security – SD-WAN communication is usually secured using IPsec, a staple of WAN security
  • Application optimisation – SD-WANs can improve application delivery using caching, storing recently accessed information in memory to speed future access
  • Deployment options – Most SD-WAN products are available as pre-configured appliances, placed at the network edge in data centres, branch offices and other remote locations. There are also virtual appliances that can work on existing network hardware, or the appliance can be deployed as a virtual appliance on the cloud in environments such as Amazon Web Services (AWS). This allows enterprises to benefit from SD-WAN services as they migrate application delivery from corporate servers to cloud based services
  • Administration and troubleshooting – Management simplicity is a key feature for SD-WANs. As with network equipment in general, GUIs are preferred to command line interface (CLI) methods of configuration and control. Other beneficial administrative features include automatic path selection, the ability to centrally configure each end appliance by pushing configuration changes out, and even a true software defined networking approach that allows all appliances and virtual appliances to be configured centrally based on application needs rather than the underlying hardware

Majestic Computer Technology has partnered with Cisco Meraki and uses their platform to deploy and manage SD-WANs. If you want to know more, please call us on 1300 441 551 for a free consultation session.


It solutions in Health care

Majestic was appointed to plan and migrate production servers at Eurofins | mgt from a physical to virtual environment.

Eurofins|mgt has emerged from the Eurofins Scientific acquisition of mgtLabMark Environmental Pty Ltd. Eurofins|mgt has 200 staff and a network of National NATA Accredited Environmental Laboratories located in Brisbane, Sydney & Melbourne that are supported by a National distribution and service network with offices located in Adelaide, Perth, Darwin & Newcastle. Eurofins also operates an Environmental Laboratory in Wellington along with Food and Agroscience Laboratories in Auckland, Hamilton & Christchurch.

Virtualisation was required to provide features that reduce administration costs, increase security, have the servers “data centre” ready and provide additional administrative functionalities.

Majestic successfully planned and implemented the migration in collaboration with Eurofins | mgt IT by:-

  1. esigning a new virtualised server infrastructure based on Clustered VmWare Environment and SAN devices.
  2. Migration of production server and minimum downtime
  3. Post migration review, testing and clean up.
  4. Optimise the virtual environment for performance.

Yacht Racing Services Association Saas implementation

Software-as-a-Service Solution

Majestic proposed a fully managed Software-as-a-Service Solution without the need to accommodate a server onsite.​

Yacht Racing Services Association (YRSA) is a not for profit association incorporated to provide for the Australian Measurement System (AMS) and Sportsboat Measurement System (SMS) rating systems. The AMS and SMS rating systems have operated under the auspices of the founders of the system for over 17 years.

A need to maintain the company’s growth and to provide continuity for the future required an internal interface for the staff to efficiently manage the vast documents produced by the staff themselves as well as by the customers submitting the online applications (which was also a solution by Majestic Computer Technology). At the same time a provision to avoid managing and maintaining a server to provide for such a system, was desired.

Majestic Computer Technology implemented a completely managed Software as a Service solution with all the required features by YRSA. It is an uncluttered interface with all the power required for a well-organised enterprise content management system. The solution leveraged existing organizational workflows, and provided award-winning business process management capabilities that reduced the company’s decision cycle times and increased productivity.

It provides complete content management and collaboration with audit capability which tracks who did what and when for each record.

Australian businesses are at stake due to the illegal use of software

man standing showing his back

In the year 2016, Australian businesses have been hit with $589,000 in damages over the use of unlicensed software. “By using unlicensed software, businesses are compromising their cybersecurity policies and putting their customers data at risk. It can also result in financial losses for the business, as information can be intercepted and repurposed for others financial gain. Not to mention the impact to the reputation of the organisation, business and its employees during any legal proceedings.” BSA director of compliance programs, Gary Gan said.

During 2016, the global software industry advocate organisation which is widely known as BSA settled 14 cases Australia wide. Each business caught using unlicensed software was forced to purchase genuine software licenses for its ongoing use, in addition to paying the copyright infringement damages.

“Our 2016 results reflect the increased public awareness of the security and business challenges that unlicensed software poses to Australian businesses. We strongly encourage all businesses, across all sectors to implement an effective Software Asset Management (SAM) practice. This, combined with regular checks of software licenses and deployments, will ensure their business is secure and avoids legal risks,” Gan added.

Other than the risk of paying copyright infringement damages, other benefits of using licensed software are –

  • Pirated software often contains malware which can lead to the theft of company’s confidential information.
  • With licensed software, regular software updates are available to mitigate any risks associated with vulnerabilities discovered since the software was first released.
  • Pirated software can cause severe damage to your computer hardware which requires hardware replacement.
  • Having genuine and licensed software speaks volumes about your company’s reputation and governance.
  • Avoid all unnecessary IT and cyber security risks.

Whatever IT compliance requirements your business has, Majestic can assist in ensuring that you are always on top of the requirements. Utilising the industry standard tools and best practices, technology experts at Majestic can help your organisation to review your compliance requirements, current setup and help you fill in the missing pieces. Any work related to IT audit and compliance completed by Majestic are documented using standard documentation processes.


University building

Majestic was appointed to plan and implement the network integration of Advanced Precast VIC, NSW and QLD offices as a step towards integrated domain.

Advanced Precast (Aust) Pty Ltd (established in 1992) has grown to become one of Australia’s market leaders in the field of precast concrete. Today they service Melbourne Sydney, Canberra, Brisbane, Gold Coast and the surrounding areas and currently employ 160 people across three states comprising construction workers, engineers, detailers and administrative staff.

The network integration of their three offices was required as a step towards integrated domain setup.

Majestic evaluated, planned and implemented the successful network integration by:-

  1. Planning migration and consolidation with minimum downtime and no data loss
  2. Configuring existing network servers, workstations, printers, switches, routers, bridges, modems etc.
  3. Configuring and installing new network servers, switches etc
  4. Migrating network applications and data
  5. Configuring WAN connections and secure remote access
  6. Conducting a post-migration clean up and review


Palm tree in dark

Majestic was appointed to plan and configure cloud based email security for Advanced Precast.

Advanced Precast (Aust) Pty Ltd (established in 1992) has grown to become one of Australia’s market leaders in the field of precast concrete. Today they service Melbourne Sydney, Canberra, Brisbane, Gold Coast and the surrounding areas and currently employ 160 people across three states comprising construction workers, engineers, detailers and administrative staff.

A cloud based email security was required to stop spam, malware, spear-phishing, and advanced targeted attacks before they reach the network.

Majestic planned and implemented the successful migration by:-

  1. Configuring hosted email security for incoming and outgoing emails
  2. Migrating email configuration with no downtime
  3. Reconfiguring Microsoft Exchange environment for the new infrastructure
  4. Conducting a post migration review



Majestic was appointed to create a tool required by The Shotton Group for Sales Force Automation.

The Shotton Group is based in Melbourne Victoria. Trading as P&R Sheetmetal, the company quickly gained a reputation for precision and quality. They invest in state of the art laser cutting and other CNC equipment. The Shotton Group now employs over 60 staff members, including a team of internationally trained designers. It is one of several divisions that currently form the Shotton Group, as the company now produces and sells its own product ranges within Australia and internationally

Majestic completed the successful project by implementing SugarCRM as a solution.

  1. SugarCRM solution integrated with the existing Virtual Environment and Unified Communication Platform.
  2. Highlighted Features
    • Share sales data across individuals and teams
    • Focus attention on the most profitable deals
    • Bring new sales representatives up to speed
    • Present effective presentations and proposals to customers
    • Monitor quota progress and business performance
  3. Customise SugarCRM installation to suit The Shotton Group business needs.


Construction IT

Majestic was appointed to plan and implement the domain consolidation for Advanced Precast (Aust) Pty Ltd

Advanced Precast (Aust) Pty Ltd (established in 1992) has grown to become one of Australia’s market leaders in the field of precast concrete. Today they service Melbourne Sydney, Canberra, Brisbane, Gold Coast and the surrounding areas and currently employ 160 people across three states comprising construction workers, engineers, detailers and administrative staff.

To provide features that reduce administration costs, increase security and provide additional functionality, a domain consolidation was required.

Majestic planned and implemented the domain consolidation project by:-

  1. Assessing the existing configuration and designing a new consolidated single domain service.
  2. Planning migration and consolidation with minimum downtime and no data loss.
  3. Purchasing, installing and configuring the servers, workstations, applications, etc
  4. Migrating domain, user account and other services.
  5. Installing a Backup Domain Controller on each site
  6. Conducting a post-migration clean up and review
  7. Setting up of a disaster recovery system for all the offices.


Palm tree in dark

Majestic was appointed to provide a more comprehensive network maintenance/support solution which was required to ensure a smoother running network at Advanced Precast

Advanced Precast (Aust) Pty Ltd (established in 1992) has grown to become one of Australia’s market leaders in the field of precast concrete. Today they service Melbourne Sydney, Canberra, Brisbane, Gold Coast and the surrounding areas and currently employ 160 people across three states comprising construction workers, engineers, detailers and administrative staff.

Majestic completed the successful project by:

  1. Replacing the traditional Break Fix Model with more advanced Managed Service Model.
  2. Putting in place the Majestic Service Level Agreement to ensure the following:
    • Guaranteed Response Time
    • Regular Network Maintenance
    • Network Monitoring & Alerting
    • Fixed IT Support Cost
    • Regular Patch Management
  3. Designing a comprehensive Disaster Recovery Plan
  4. Implementing and managing Security and Secure Remote Access