According to PCWorld.com, wireless security researchers have discovered a vulnerability in the WPA2 security protocol.
An AirTight researcher who uncovered the flaw has dubbed it "Hole 196" in reference to the page of the IEEE 802.11 Standard (Revision, 2007) on which the vulnerability is buried. Hole 196 provides an avenue for man-in-the-middle-style exploits. The article explains:
a stipulation in the standard that allows all clients to receive broadcast traffic from an access point (AP) using a common shared key creates the vulnerability when an authorized user uses the common key in reverse and sends spoofed packets encrypted using the shared group key.
While "there's nothing in the standard to upgrade to in order to patch or fix the hole," says Kaustubh Phanse, AirTight's wireless architect, the ability to exploit the vulnerability is limited to authorized users.