Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
Overview of the Wi-Fi Protected Access (WPA) security update in Windows XP
Article ID: 815485 - View products that this article applies to.
This article discusses the new Wi-Fi Protected Access (WPA) update in Microsoft Windows XP.
The Institute of Electrical & Electronics Engineers (IEEE) 802.11i wireless networking standard specifies improvements to wireless local area networking (LAN) security. The 802.11i standard is currently in draft form, with ratification due at the end of 2003. The 802.11i standard addresses many of the security issues of the original 802.11 standard. While the new IEEE 802.11i standard is being ratified, wireless vendors have agreed on an interoperable interim standard known as Wi-Fi Protected Access (WPA).
For environments without a Remote Authentication Dial-In User Service (RADIUS) infrastructure, WPA supports the use of a preshared key. For environments with a RADIUS infrastructure, Extensible Authentication Protocol (EAP) and RADIUS is supported.
With WPA, a method known as Michael specifies a new algorithm that calculates an 8-byte message integrity code (MIC) using the calculation facilities available on existing wireless devices. The MIC is placed between the data portion of the IEEE 802.11 frame and the 4-byte ICV. The MIC field is encrypted together with the frame data and the ICV.
Michael also helps provide replay protection. A new frame counter in the IEEE 802.11 frame helps prevent replay attacks.
For Windows wireless clients, you must obtain an updated network adapter driver that supports WPA. For wireless network adapter drivers that are compatible with Windows XP (Service Pack 1), the updated network adapter driver must be able to pass the adapter's WPA capabilities and security configuration to the Wireless Zero Configuration service.
Microsoft has worked with many wireless vendors to embed the WPA firmware update in the wireless adapter driver. Therefore, to update your Windows wireless client, you just obtain the new WPA-compatible driver, and then install the driver. The firmware is automatically updated when the wireless network adapter driver is loaded in Windows.
For wireless clients that are running Windows XP Service Pack 1 (SP1) and that are using a wireless network adapter that supports the Wireless Zero Configuration service, you must obtain and install the Windows WPA Client. For wireless clients that are running Windows XP service pack 2 (SP2) and that are using a wireless network adapter that supports the Wireless Zero Configuration service, the Windows WPA Client is included in Windows XP SP2. Therefore, additional downloads are not needed. The Windows WPA Client updates the wireless network configuration dialog boxes to support new WPA options.
For more information and to obtain the WPA client program, click the following article number to view the article in the Microsoft Knowledge Base:
826942For wireless clients running Windows 2000 (or clients running Windows XP SP1 and using a wireless network adapter that does not support the Wireless Zero Configuration service), you must obtain and install a new WPA-compliant configuration tool from your wireless network adapter vendor.
(http://support.microsoft.com/kb/826942/ )Wireless update rollup package for Windows XP is available
Related Intel informationFor additional information, visit the following Intel Web site:
http://support.intel.com/support/wireless/wlan/pro2100/index.htmThe third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.