软件介绍
The Bluebox "Master key" Security Scanner will scan your device to determine:
- If your system is vulnerable or patched to any of the "master key" security flaws affecting most Android devices (there are multiple 'master key' flaws at this point)
- If your system settings allow 'Untrusted Sources' application installs
- If any installed application on your device is trying to maliciously take advantage of any of the 'master key' security flaws
ANTIVIRUS ALERT: we have confirmed that the Bluebox Security Scanner can cause alerts for "Exploit.CVE-2013-4787.A" Trojan, which is the MasterKey bug CVE designator. The Bluebox Scanner does not use the "Master Key" vulnerability in any way in the application itself (testing vulnerabilities with real exploits is against Google's terms of service), but it includes non-application test ZIP files with empty entries to verify patch status when processed by the ZipFile Java class (vulnerable systems open the ZIP files without error; patched systems throw an exception when opening/processing). It seems the antivirus applications are triggering a false positive Trojan warning due to the included test ZIP files.
Further details of the Android "Master key" security flaw are available at:
http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/
NOTICE: the scanner currently cannot check .APKs in the /mnt/asec/ (copy protected apps) directory; this is a security limitation enforced by Android OS. You are told how many were skipped, and given a checkbox (if one or more are skipped) to enable seeing the full list of details if you so choose.
- If your system is vulnerable or patched to any of the "master key" security flaws affecting most Android devices (there are multiple 'master key' flaws at this point)
- If your system settings allow 'Untrusted Sources' application installs
- If any installed application on your device is trying to maliciously take advantage of any of the 'master key' security flaws
ANTIVIRUS ALERT: we have confirmed that the Bluebox Security Scanner can cause alerts for "Exploit.CVE-2013-4787.A" Trojan, which is the MasterKey bug CVE designator. The Bluebox Scanner does not use the "Master Key" vulnerability in any way in the application itself (testing vulnerabilities with real exploits is against Google's terms of service), but it includes non-application test ZIP files with empty entries to verify patch status when processed by the ZipFile Java class (vulnerable systems open the ZIP files without error; patched systems throw an exception when opening/processing). It seems the antivirus applications are triggering a false positive Trojan warning due to the included test ZIP files.
Further details of the Android "Master key" security flaw are available at:
http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/
NOTICE: the scanner currently cannot check .APKs in the /mnt/asec/ (copy protected apps) directory; this is a security limitation enforced by Android OS. You are told how many were skipped, and given a checkbox (if one or more are skipped) to enable seeing the full list of details if you so choose.
历史版本
- 01/08/2017: Bluebox Security Scanner 2.6
- 07/07/2015: Bluebox Security Scanner 2.2
- 12/05/2014: Bluebox Security Scanner 2.1
- 01/04/2014: Bluebox Security Scanner 1.7
- 07/30/2013: Bluebox Security Scanner 1.6
- 07/24/2013: Bluebox Security Scanner 1.5
- 报告一个新版本
Free Download
二维码下载
- 软件名称: Bluebox Security Scanner
- 软件分类: 工具应用
- APK名称: com.bluebox.labs.onerootscanner
- 最新版本: 2.6
- 支持ROM: 4.1及更高版本
- 软件大小 : 4.86 MB
- 更新日期: 2017-07-26