Hub firmware updates are automatic provided your hub is connected 24/7

As of April 2026, the current firmware version for the BT Smart Hub 2 (SH2) is v0.45.00.08028

> As of April 2026, the current firmware version for the BT Smart Hub 2 (SH2) is v0.45.00.08028

I don't think it is - the firmware version on my hub is later than that (assuming a higher number means later).

I think that quite nicely proves my point - the Smart Hub 2 does not provide any way for the conscientious user to check that it is up-to-date.

Very poor.

Mine is v0.46.02.10311-BT.

So @roxburd as it is not possible to manually update your firmware, what action would you take differently if you knew what the latest version was rather than as now?

Yes, it is v0.46.02.10311-BT.

I've been running that since the 12th of December, (and I'm usually late to get it).

There was posts about a later build version, 0.46.02.42261, but it seems to have caused problems so I think they pulled it.

Time-wise, we must be about due for a v47.

> So @roxburd as it is not possible to manually update your firmware, what action would you take differently if you knew what the latest version was rather than as now?

If the unit was continually failing to get its required updates, @licquorice , it would be faulty. I would report it as faulty to BT and they would replace it. The new one would not be faulty and I would have a secure hub and a secure network.

A factory reset might jolt it back into updating.

Just be aware that a reset will drop the settings back to defaults and you will need to put any customisations in again.  It is possible to export the configuration first, however, and then reimport it after.

Where do I propose that BT publish their latest firmware version numbers, @licquorice  ?

Erm. Well, Ubuntu publish their SHA hashes here: https://releases.ubuntu.com/26.04/SHA256SUMS

Ubuntu know a thing or two about security.

I believe that BT has web servers too. Even better, it could put them in their FAQs. And code their support bots up to provide the info. Or, since that is where the user will really want it,  the hub itself could retrieve the info and present it to the user. There are many options.

Sadly, BT has taken the line "We know best - we update it. You silly user don't need to know." But not all their users are silly and some do want to know. BT's weak security approach has prevented us from keeping our systems secure.

From a cybersecurity perspective, the key thing is to provide the info over a secure channel, such as HTTPS (to prevent a man-in-the-middle attack). And to keep the server hosting the info secure (to prevent an at-rest modification/tampering attack).

This is all very old cyber 101. It is very sad that BT can't fulfil the simplest security requirements. Having worked for BT for 30 years, I know full-well why they are so incompetent - up until about the year 2000, they valued engineering above all. Then they started to value other things. "We are a people company", they said. Before then, they were a technology company with real technical competency. Now they are a people company, staffed by people who think the way to give great customer service is to apologise after it's all gone wrong.