X-Ray scans your Android device to determine whether there are vulnerabilities that remain unpatched by your carrier. The X-Ray app presents you with a list of vulnerabilities that it is able to identify and allows you to check for the presence of each vulnerability on your device.
X-Ray has detailed knowledge about a class of vulnerabilities known as “privilege escalation” vulnerabilities. Such vulnerabilities can be exploited by a malicious application to gain root privileges on a device and perform actions that would normally be restricted by the Android operating system.
A number of such vulnerabilities have been discovered in the core Android platform, affecting nearly all Android devices.
Even more have been discovered in manufacturer-specific extensions that may affect a smaller subset of Android users. Unfortunately, many of these privilege escalation vulnerabilities remain unpatched on large populations of Android devices despite being several years old.
Mobile antivirus software attempts to discover malicious applications installed on your device. Unsurprisingly, mobile antivirus is quite ineffective in protecting against new attacks since the number of malicious apps that will be created is unbounded. Updating your antivirus signatures every day to address new threats is not a sustainable approach to security.
Instead of trying to detect all the possible malicious apps in the universe, X-Ray takes a different approach and seeks out the known vulnerabilities in the underlying mobile platform itself. X-Ray doesn’t care whether the apps on your device are good or bad, it only cares whether there are vulnerabilities present that bad apps often exploit to gain full control of your device.