In response to:
CIVI-SA-2014-001 - Risk of Information Disclosure
SECURITY Release 4.4.4
We have ensured that our non-Apache webservers are configured to prevent access to the affected directories and carried out testing of our Apache webservers to ensure that these are also protected. Hence even CiviCRM installations prior to 4.4.4 / 4.2.15 are protected on our servers.