What's the latest build/security update for AT&T S6 Edge+?

[torbach1]

Hi Everyone:

I've got the AT&T (928A) version of the S6 Edge+. My version info references only 1 date, which is Thursday October 1. I'm concerned that they're way behind on security updates, and I was misled into understanding that Samsung can roll those out without AT&T.

AT&T support claims that this is the build from November 12th, although this is a refurbished unit, so I didn't have this on or around November 12th. Can any of you on AT&T please check what the latest version is on your machine?

Mine says the following:
Android Version 5.1.1
Baseband version: G928AUCU2AOJ1
Kernel version: 3.10.61-5921265
dpi@SWHD7515 #1
Thu Oct 1 18:23:26 KST 2015
Build Number: LMY47X.G928AUCU2AOJ1
Security Enhancements for Android status:
Enforcing
SEPF_SAMSUNG-SM-G928A_5.1.1_0038
Thu Oct 01 18:47:26 2015
Security software version:
MDF v2.0 Release 4
VPN v1.4 Release 5.4

Any help/comparison would be appreciated. This security gap has me concerned enough that I'm not using my Edge+ at the moment, and instead am trying out the Nexus 6P due it having immediate security updates.

Thanks a lot!

 

[GeneralDreedle]

I'm on Verizon and my security patch is November 1. I'm disappointed too, one of my reasons for buying the Samsung was the promise of timely security updates and nothing for December or January.

 

[torbach1]

I'm on Verizon and my security patch is November 1. I'm disappointed too, one of my reasons for buying the Samsung was the promise of timely security updates and nothing for December or January.

Yeah, I'm in the same boat. I'm surprised Verizon is more up to date than AT&T. T-Mobile is on December. I went into Best Buy's Samsung support yesterday, and the Samsung guy basically said that this whole security update process is new, and Samsung and the carriers are still trying to figure out how to do this. It's kind of ironic. Google starts a program at the beginning of 2015 where they will pay people for finding vulnerabilities.They spent $2m in payouts. So of course people discovered Stagefright, Stagefright 2, etc. Suddenly Google had to deal with all of these. They started the monthly updates. But they didn't think through how long it will take the manufacturers and then the carriers to roll out these updates. Part of their deal is that once the vulnerability is fixed, it is published. So now, anyone can use it, but all of us are waiting for the manufacturers and the carriers to modify their code to include the security update in their code, regress to ensure that it didn't break anything, etc.

So in my case, people have 4 months from being told not just about Stagefright, but how to create that exploit, and when hopefully my carrier will update my phone. Broken system