Vulnerability resides in a Wi-Fi authentication scheme known as PEAP-MS-CHAPv2. Windows Phones use this scheme to access wireless networks protected by version 2 of the Wi-fi Protected Access protocol. Microsoft has not received any reports of this vulnerability being used to steal corporate data, passwords or breach a network to date. Instead, Microsoft advises users of Windows phones to require a certificate before joining wireless networks, and includes instructions for enforcing this in the phone settings.
Source: https://thehackernews.com/2013/08/hacking-windows-phone-wifi-tool-download.html