Home » Privacy & Security

New WPA2 vulnerability limited in threat

By 26 July 2010 One Comment

There have been a number of news reports over the weekend about next week’s demonstration of a WPA2 enterprise mode vulnerability from security vendor AirTight Networks.  WPA2 is a set of security rating based on the IEEE 802.11i standard for wireless network security.  Jennifer Jabbusch has some good analysis of the implications of this new vulnerability.

Basically, the vulnerability could allow authenticated users (someone who already has access to the wireless network) to forge broadcast packets coming from the wireless Access Point.  It’s not entirely clear what the ramifications of this are, but we do know that there are much worse ramifications if an attacker already has full access to the network with legitimate login credentials.  That’s not to say that this issue isn’t something to be concerned about, but so far it seems like it’s lower down the list of priorities and things to worry about.

Update – Devin Akin has more.

One Comment »

  • Yagi Antennas said:

    I also heard about this vulnerabilty. But because you have to be authenticated to exploit it,I doubt it will be of a great concern for private users. On the other side, professional users with public WLAN configurations will have to keep an eye on this!

    cheers