Cisco Cisco Aironet 350 Wireless LAN Client Adapter
6
Release Notes for Cisco Aironet Client Adapter Firmware, Version 4.25.23
OL-2019-02
New and Changed Information
Step 11
Drag and drop the firmware image (PC3x0vxxxxx.img) from Windows Explorer to a location in the
ActiveSync window.
ActiveSync window.
Note
If your Windows CE device is a PPC running Windows CE 3.0, you must copy the firmware
image to the My Documents folder or a folder under My Documents.
image to the My Documents folder or a folder under My Documents.
Step 12
After the file is copied, disconnect the Windows CE device.
Step 13
Make sure the client adapter is installed in your Windows CE device and is operational.
Step 14
On your Windows CE device, select Start > Programs > Cisco > Load New Firmware.
Step 15
Click the Select Firmware button.
Step 16
Find the location of the new firmware image in the Open window.
Step 17
Click the new firmware image file (*.img) so it appears in the Name box at the bottom of the Open
window.
window.
Step 18
Click OK. If the selected image is loaded successfully into the client adapter’s Flash memory, a
“Firmware Upgrade Complete!” message appears on the Load New Firmware screen.
“Firmware Upgrade Complete!” message appears on the Load New Firmware screen.
New and Changed Information
This section describes new and changed information for release 4.25.23 of the Cisco Aironet client
adapter firmware.
adapter firmware.
Support for Enhanced Security
Client adapter firmware release 4.25.23 and Windows driver release 8.01.06 support three new security
features designed to prevent sophisticated attacks on your wireless network’s WEP keys. Access point
firmware version 11.10T or greater is required to enable these security features.
features designed to prevent sophisticated attacks on your wireless network’s WEP keys. Access point
firmware version 11.10T or greater is required to enable these security features.
•
Message Integrity Check (MIC) – MIC prevents bit-flip attacks on encrypted packets. During a
bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and retransmits it, and
the receiver accepts the retransmitted message as legitimate. The MIC adds a few bytes to each
packet to make the packets tamper-proof.
bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and retransmits it, and
the receiver accepts the retransmitted message as legitimate. The MIC adds a few bytes to each
packet to make the packets tamper-proof.
•
Temporal Key Integrity Protocol (TKIP) – This feature, also referred to as WEP key hashing,
defends against an attack on WEP in which the intruder uses the initialization vector (IV) in
encrypted packets to calculate the WEP key. TKIP removes the predictability that an intruder relies
on to determine the WEP key by exploiting IVs.
defends against an attack on WEP in which the intruder uses the initialization vector (IV) in
encrypted packets to calculate the WEP key. TKIP removes the predictability that an intruder relies
on to determine the WEP key by exploiting IVs.
•
Broadcast key rotation – EAP authentication provides dynamic unicast WEP keys for client devices
but uses static broadcast, or multicast, keys. When you enable broadcast WEP key rotation, the
access point provides a dynamic broadcast WEP key and changes it at the interval you select. When
you enable this feature, only wireless client devices using LEAP or EAP-TLS authentication can
associate to the access point. Client devices using static WEP (with open, shared key, or EAP-MD5
authentication) cannot associate.
but uses static broadcast, or multicast, keys. When you enable broadcast WEP key rotation, the
access point provides a dynamic broadcast WEP key and changes it at the interval you select. When
you enable this feature, only wireless client devices using LEAP or EAP-TLS authentication can
associate to the access point. Client devices using static WEP (with open, shared key, or EAP-MD5
authentication) cannot associate.