Chrysler worked with the guys that discovered the vulnerability and no doubt simply patched the current known bug allowing exploit from the cellular uplink. The system could be vulnerable again if a new exploit is discovered. I updated my Jeep a week or so ago and haven't had any issues -- yet.

Edit: After reading the paper it looks like the update from Chrysler blocks inbound tcp/ip now, and Sprint is also filtering traffic more aggressively.