Google posts factory images for Android 4.4.4, mostly security patches

Has your device updated to Android 4.4.3 yet? Well, Android 4.4.4 is now rolling out. Google posted the factory images earlier today, and users of the Nexus 5 are starting to receive OTA updates as we speak.

What’s in the Android 4.4.4 update?

According to the changelogs floating about, the Android 4.4.4 update is mostly a security patch related to OpenSSL and a potential man-in-the-middle attack. The main bug appears to be the CVE-2014-0224, OpenSSL early CCS issue, which stems in part from the Heartbleed whopper we’ve all just gotten over. Here is a shortened sample of the changelog:

• 6da2c75 : CTS test for OpenSSL’s early CCS issue (CVE-2014-0224)
• e502d40 : Fix a concurrency bug in OpenSSLHeartbleedTest.
• 1856a4e : CTS test for Heartbleed vulnerability in SSLSocket.
• afae5d8 : Block access to java.lang.Object.getClass in injected Java objects

If you are interested in the nitty gritty of it all, check out the full changelog at the end of this post. So far, it looks like this update is not the next version of Android that we are all expecting to include a kill switch and run on ART instead of Dalvik. We also do not get a new name, the update still keeps KitKat in its title.

What devices will get this update?

We have no confirmed word yet as to the updated Android 4.4.4 plans for GPE devices, or the normal carrier supported units that most users have in hand. Please check out your manufacturer or carrier website to see when they plan to update your device, if ever.

Back to that Nexus 5 OTA update. If you are familiar with ADB sideloading and don’t want to wait for the official OTA to hit your device, head on over to the Google Dev site to download the KTU84P image, you might then head over to this XDA article to get started pushing the update to your machine.

Are you receiving the update yet?

Changelog: thanks to FunkyAndroid and JBQ.