Microsoft announced the release of a security update for Windows XP Service Pack 2 (SP2) that introduces Wi-Fi Protected Access 2 (WPA2) support for wireless network group policy settings. With the update installed, administrators can use a single wireless group policy on different versions of Windows.
The company said that the update provides parity between Windows XP SP2 and the upcoming Windows Server 2003 SP2, which is due out in the first half of 2007. Incidentally, Windows XP SP3 is tentatively scheduled to be released sometime in the second half of 2007.
The update also changes the behavior of Windows XP wireless clients by preventing them from broadcasting information about the wireless networks on their preferred networks list. In XP SP2, network details were broadcast in an effort to locate a network that might not be advertising its presence. Due to that behavior, intruders could glean such information by monitoring the airwaves. The update introduces new settings to configure a network as either broadcast or nonbroadcast, and the latter will no longer be probed for.
Another change in behavior involves "parking" a wireless client in infrastructure mode. Previously, a parked client was configured with a randomly generated name and no encryption required. The update causes the client to use a randomly generated encryption key, which helps prevent unwanted connectivity to the parked client.
A third change in behavior affects ad hoc mode. Previously, XP SP2 would try to connect to all ad hoc networks in the system's preferred network list. The new behavior requires that the user manually choose to connect to ad hoc networks.
The Microsoft article "Description of the Wireless Client Update for Windows XP with Service Pack 2" (917021) explains the new behavior. The article includes a link to download the update.
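To check whether clients on your own network still name their preferred networks in probe requests, the behavior the update removes for nonbroadcast networks, the following added example (not from the article or from Microsoft) parses 802.11 probe request frames and lists the SSIDs each client discloses. It assumes raw management frames with no radiotap header; the frames, MAC addresses and SSIDs are constructed sample data, and the function names are hypothetical.

```python
MGMT_HDR_LEN = 24         # frame control, duration, 3 addresses, sequence control
PROBE_REQUEST_FC0 = 0x40  # version 0, type 0 (management), subtype 4 (probe request)

def parse_probe_ssid(frame: bytes):
    """Return (source_mac, ssid) for a probe request, else None.
    An empty ssid is a wildcard probe that names no network."""
    if len(frame) < MGMT_HDR_LEN or frame[0] != PROBE_REQUEST_FC0:
        return None
    src = ":".join(f"{b:02x}" for b in frame[10:16])  # addr2 = transmitter
    pos = MGMT_HDR_LEN
    while pos + 2 <= len(frame):  # walk the tagged elements
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + length]
        if len(value) < length:
            return None  # truncated element, do not trust the frame
        if tag == 0:  # SSID element
            return src, value.decode("utf-8", errors="replace")
        pos += 2 + length
    return None

def leaked_preferred_networks(frames):
    """Map each client MAC to the SSIDs it named in directed probes."""
    leaks = {}
    for frame in frames:
        parsed = parse_probe_ssid(frame)
        if parsed and parsed[1]:  # skip wildcard probes
            leaks.setdefault(parsed[0], set()).add(parsed[1])
    return leaks

def _probe(src_mac: bytes, ssid: bytes) -> bytes:
    """Build a constructed probe request for the sample data."""
    header = (bytes([0x40, 0x00, 0x00, 0x00]) + b"\xff" * 6
              + src_mac + b"\xff" * 6 + b"\x00\x00")
    rates = bytes([1, 4, 0x02, 0x04, 0x0B, 0x16])  # supported rates element
    return header + bytes([0, len(ssid)]) + ssid + rates

CLIENT_A = bytes.fromhex("020000000001")  # constructed, locally administered
CLIENT_B = bytes.fromhex("020000000002")
SAMPLE_FRAMES = [
    _probe(CLIENT_A, b"CorpWLAN"),            # directed probe: discloses an SSID
    _probe(CLIENT_A, b"HomeNet"),
    _probe(CLIENT_B, b""),                    # wildcard probe: discloses nothing
    b"\x80" + _probe(CLIENT_B, b"Guest")[1:], # not a probe request, ignored
]

if __name__ == "__main__":
    for mac, ssids in leaked_preferred_networks(SAMPLE_FRAMES).items():
        print(mac, "discloses", sorted(ssids))
```

A client that appears in the result is still sending directed probes for the listed networks.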