Android 4.4.4 fixes an OpenSSL vulnerability

The latest version of Android (Android 4.4.4) for Nexus devices provides a security patch for the OpenSSL library.

Within three weeks after proposing Android 4.4.3 Nexus terminal users, Google has launched a latest version of its OS incorporating a fix for a serious vulnerability identified in the OpenSSL encryption library. Images plants Android 4.4.4 used to build version of KTU84P were provided for the Nexus terminals 4, 5, 7 and 10. The update will also also pushed automatically to the different terminals of Google. 

The update focuses on the security CVE-2014-0224, a vulnerability recently identified in OpenSSL, one of the most popular libraries supporting protocols SSL and TLS secure communications. CVE-2014-0224 vulnerability can be exploited by an attack like Man of the middle to decrypt and modify the traffic between a client and a server using OpenSSL simultaneously. The vulnerability has been fixed in OpenSSL 1.0.1h June 5.