Using the quickest web search in the west:
(AUGUST 2022) Here's the newest TCP update: https://www.rfc-editor.org/info/rfc9293 Quick overview: https://www.youtube.com/watch?v=gp0BGvluhB0
TCP still has this vulnerability called a SYN flood attack which to this day is handled server side using anomalous detection and things. There is also the question of if you even can patch that by updating the protocol.
However, what changes are made to TCP, you will notice are soft changes or soft forks if you will. They aren't disruptive, they just add on things.
Unlike Bitcoin, with TCP, they did actually sunset some things that people just don't do anymore which is why it wasn't disruptive, no one does them anymore.
How about SMTP?
Well, the Simple Mail Transfer Protocol became a permissioned protocol. Often if you try to set up SMTP on your home PC, your ISP will just say "no" and most people use big services like gmail, yahoo, tutanota, etc. If you're not on the list, you never show up in that user's inbox.