from the is-there-a-workaround-for-the-workaround? dept.
Freshly Exhumed writes "Microsoft advises that a cryptographic problem in the PEAP-MS-CHAPv2 protocol used in Windows Phone 8 to provide WPA2 authentication allows a victim's encrypted domain credentials to be collected by an attacker posing as a typical WiFi access point. Redmond further states that this problem cannot be patched, although a set of manually entered configuration changes involving root certificates on all WP8 phones and on WiFi access points will apparently address the issue. WP7.8 phones are likewise vulnerable."
The best book on programming for the layman is "Alice in Wonderland";
but that's because it's the best book on anything for the layman.