Master Key multi-fix
Free App
Advertisements
About Master Key multi-fix
Requires the Xposed Framework. Grab it at http://forum.xda-developers.com/showthread.php?t=1574401 and make sure it runs properly on your device.
ROOT only required for installing the Xposed Framework, it can be dropped afterwards.
This app patches several vulnerability issues found on Android collectively known as 'Master Key' exploits:
- bug 8219321
- bug 9695860
- bug 9950697
In general terms, these allow exploiting signed APKs by replacing the code they contain while maintaining the existing signature valid (hence the term 'Master Key'), leading you to think the original author is someone you trust.
The original Android sources have been corrected to fix these problems, but it might take a while
till stock ROMs include the fixes, if ever.
To check if you're vulnerable, you can use other apps available on the store such as SRT AppScanner (https://play.google.com/store/apps/details?id=de.backessrt.appintegrity) or Bluebox Security Scanner (https://play.google.com/store/apps/details?id=com.bluebox.labs.onerootscanner).
Note: If using Bluebox Security Scanner, make sure to force a refresh on the app once the fix is applied, otherwise you might get a cached and incorrect result.
For any questions or to support my work, please visit http://forum.xda-developers.com/showthread.php?t=2365294
ROOT only required for installing the Xposed Framework, it can be dropped afterwards.
This app patches several vulnerability issues found on Android collectively known as 'Master Key' exploits:
- bug 8219321
- bug 9695860
- bug 9950697
In general terms, these allow exploiting signed APKs by replacing the code they contain while maintaining the existing signature valid (hence the term 'Master Key'), leading you to think the original author is someone you trust.
The original Android sources have been corrected to fix these problems, but it might take a while
till stock ROMs include the fixes, if ever.
To check if you're vulnerable, you can use other apps available on the store such as SRT AppScanner (https://play.google.com/store/apps/details?id=de.backessrt.appintegrity) or Bluebox Security Scanner (https://play.google.com/store/apps/details?id=com.bluebox.labs.onerootscanner).
Note: If using Bluebox Security Scanner, make sure to force a refresh on the app once the fix is applied, otherwise you might get a cached and incorrect result.
For any questions or to support my work, please visit http://forum.xda-developers.com/showthread.php?t=2365294
All Application Badges
Free
downl.
downl.
Android
2.3.3+
2.3.3+
Bug
buster
buster
Android app
App History & Updates
What's Changed
2.0 - Fix bug 9950697; additional corrections taken from Android 4.4
1.3 - Fixed problems with parsing some zips depending on the rom original code
1.2 - Added 2 additional zip entry integrity checks that were missing
1.1 - Support for additional devices with modified core libraries (e.g. MTK6589)
2.0 - Fix bug 9950697; additional corrections taken from Android 4.4
1.3 - Fixed problems with parsing some zips depending on the rom original code
1.2 - Added 2 additional zip entry integrity checks that were missing
1.1 - Support for additional devices with modified core libraries (e.g. MTK6589)
More downloads Master Key multi-fix reached 50 000 - 100 000 downloads
What are users saying about Master Key multi-fix
G
by G####:
by G####:
Only 2 words, "thankfully grateful" to the developer
N
by N####:
by N####:
When done correct by installing expose your secure from master key threats.
N
by N####:
by N####:
Does what it's supposed to do
D
by D####:
by D####:
Terbaik
M
by M####:
by M####:
When done correct by installing expose your secure from master key threats.
M
by M####:
by M####:
Does what it's supposed to do
A
by A####:
by A####:
Thankyou
T
by T####:
by T####:
Cannot install on my s3 got the latest version of xposed framework and enabled the module followed by a reboot. Still when I open the app it says it is not enabled in xposed
U
by U####:
by U####:
I was hopping it could fix "-24" error, but it did not.
U
by U####:
by U####:
It did its job and fix my problem keep up the good job on this app
U
by U####:
by U####:
I works
O
by O####:
by O####:
Security issues rear their ugly heads every now and then... No worries as long as we have devs to help us laymen going on. Thanks, much appreciated.
R
by R####:
by R####:
Every phones, even the ones that doesn't come with alternative os, like cm, should take advantage with this.
U
by U####:
by U####:
After blue box update both vulnerabilities show ad patched also worked on zero 7 pro tablet(stock) FANTASTIC!!!!!
U
by U####:
by U####:
Patches installed(with xposed installer ) and blue box security says I'm patched now had both bugs as my phone is an mtk6589. Good work.
Y
by Y####:
by Y####:
Feel more secured :-) Anyway to get the fix to tablets?
R
by R####:
by R####:
It does what it's supposed to do.
U
by U####:
by U####:
Thanks for this
U
by U####:
by U####:
good work mate!
K
by K####:
by K####:
You
P
by P####:
by P####:
Modules like this really highlight the value of the Xposed framework. The module installs easily, fixes the referenced bugs, is open source and free. You can't ask for more!
S
by S####:
by S####:
After I installed this and Xposed and doing everything correctly Bluebox Security still says the second bug (9695860) is unpatched but the SRT App Scanner app says it is patched. Bluebox is WRONG because this patch works but just throwing it out there just in case anyone was confused.
U
by U####:
by U####:
Works great on Droid Bionic (rooted and stock)
U
by U####:
by U####:
Secures my phone way earlier than the manufacturer
U
by U####:
by U####:
There are a couple of fixes I found on the Play Store but when scanned by Bluebox it still says not patched. This one really works! Great job guys!
D
by D####:
by D####:
Once again xda development third parties input greatest community service
D
by D####:
by D####:
Successfully patched the master key vulnerabilities on my device. Great.
B
by B####:
by B####:
Good
N
by N####:
by N####:
When done correct by installing expose your secure from master key threats.
F
by F####:
by F####:
Successfully patched my Galaxy Y
N
by N####:
by N####:
Is there an extension developed by you to prevent force close on this app?
H
by H####:
by H####:
Thanks!
M
by M####:
by M####:
Successfully patched the master key vulnerabilities on my device. Great.
L
by L####:
by L####:
Good work , for android system
N
by N####:
by N####:
Works as it says it does.
N
by N####:
by N####:
Its working. Best best app
N
by N####:
by N####:
WTF are you talking? Did you have to pay for patch(app)? Does it have any strange permissions? Are there any adds in the app? Shut up and be grateful... or don't download it!
H
by H####:
by H####:
Awesome
M
by M####:
by M####:
Thankyou
by U####:
Great it fixed my bug 100% working thank you guys