Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS: Windows Phone 8 Wi-Fi Vulnerable, Cannot Be Patched

Posted by timothy on Thursday August 8, 2013 @01:29AM from the is-there-a-workaround-for-the-workaround? dept.

Freshly Exhumed writes "Microsoft advises that a cryptographic problem in the PEAP-MS-CHAPv2 protocol used in Windows Phone 8 to provide WPA2 authentication allows a victim's encrypted domain credentials to be collected by an attacker posing as a typical WiFi access point. Redmond further states that this problem cannot be patched, although a set of manually entered configuration changes involving root certificates on all WP8 phones and on WiFi access points will apparently address the issue. WP7.8 phones are likewise vulnerable."

4 of 146 comments (clear)

Min score:

Reason:

Sort:

Re:Why can't it be patched? by i+kan+reed · 2013-08-08 01:32 · Score: 5, Funny

Because the NSA won't let them?
Re:Oh please by tysonedwards · 2013-08-08 01:41 · Score: 4, Funny

The fact that we have such lax tunnel security is a travesty.
I propose that we immediately bring in the TSA to man the entrance to every tunnel, for our children!

--
Thirty four characters live here.
Rather than issue a security advisory.. by Trailer+Trash · 2013-08-08 01:42 · Score: 4, Funny

They ought to just call the guy who bought one and explain it to him.

--
Do you have ESP?
Re:oops... by binarylarry · 2013-08-08 02:18 · Score: 4, Funny

Nah, whats the fun in hacking all 5 people who've bought Windows Phones?
Apple Newton probably has bigger marketshare right now.

--
Mod me down, my New Earth Global Warmingist friends!