Saurik releases an in-depth write-up and fix for Android’s ‘Master Key’ vulnerability!

BY

Published 21 Jul 2013

NSFW AI Why trust Greenbot

We maintain a strict editorial policy dedicated to factual accuracy, relevance, and impartiality. Our content is written and edited by top industry professionals with first-hand experience. The content undergoes thorough review by experienced editors to guarantee and adherence to the highest standards of reporting and publishing.

Disclosure

android

Earlier this month, Bluebox unveiled a major security exploit in Android that allowed the hacker to directly modify the contents of an APK without any intervention from the user. The vulnerability, apparently, affected nearly 99% of Android devices out there.

    While Google and other popular ROM makers quickly patched the exploit, none of the OEMs have rolled out an update for their Android devices that actually fixes the exploit.

    Now, Saurik, the developer behind Cydia Jailbreak for iOS and Substrate for Android, has released an in-depth write-up about the bug #8219321. His incredibly detailed write-up not only explains how the exploit works in details, but also provide a fix. If you are a developer or a hacker, this should make for a very interesting read.

    Regarding the ‘Master Key’ exploit – The exploit has been hyped by the media. While the exploit has a lot of theoretical implications, there are no known malware floating around on the Internet that make use of it.