Samsung just began rolling out the Oreo Beta 2 to registered users of the Galaxy S8 and S8+. The update's changelog promises the inclusion of the October 2017 security patch. Unfortunately, after downloading the update, we've noticed this is not the case. Omission of the more recent security patch is notable in that it leaves devices vulnerable to several known exploits, such as KRACK.
The KRACK Wi-Fi vulnerability affects almost all Wi-Fi connected devices because it's an issue with a Wi-Fi protocol, not a single OS or platform like Android. It affects computers, smartphones, tablets, and other devices in equal proportions.
The security patches relevant to KRACK began rolling out with the October 2017 security update and continued into the November 2017 patch for some Samsung models. It is rather strange to see Samsung push out an update to the Oreo Beta so quickly, but not include the most recent security updates. For now, users of the beta will have to make do with the September 5, 2017 security patch that comes installed.
In addition to the KRACK vulnerability and outdated security patch, there have also been a number of bugs affecting the rollout of the Oreo Beta 2 update in the United States. At this point, the problems have affected so many users that Samsung pulled the update for T-Mobile and Sprint users altogether.
If you're currently on the first version of the beta, you can continue to check the Samsung Members app for updates on when the Beta 2 OTAs will resume. Let us know in the comments if you grabbed the update before it was pulled!
Become an Android phone expert with our Ultimate Guide to Android eBook.