MS: Windows Phone 8 Wi-Fi Vulnerable, Cannot Be Patched

Freshly Exhumed writes "Microsoft advises that a cryptographic problem in the PEAP-MS-CHAPv2 protocol used in Windows Phone 8 to provide WPA2 authentication allows a victim's encrypted domain credentials to be collected by an attacker posing as a typical WiFi access point. Redmond further states that this problem cannot be patched, although a set of manually entered configuration changes involving root certificates on all WP8 phones and on WiFi access points will apparently address the issue. WP7.8 phones are likewise vulnerable."

Re:Why can't it be patched?

[i kan reed]

Because the NSA won't let them?

Re:Oh please

[tysonedwards]

The fact that we have such lax tunnel security is a travesty.
I propose that we immediately bring in the TSA to man the entrance to every tunnel, for our children!

Rather than issue a security advisory..

[Trailer Trash]

They ought to just call the guy who bought one and explain it to him.

Re:oops...

[binarylarry]

Nah, whats the fun in hacking all 5 people who've bought Windows Phones?

Apple Newton probably has bigger marketshare right now.