Not sure if this one is going to be put out in automatic updates, but this new wireless hotfix for XP SP2 from Microsoft has some nice additions:
Changes for nonbroadcast networks
In Windows XP with Service Pack 2, Wireless Auto Configuration tries to match preferred wireless networks to wireless networks that broadcast their network name. If no network matches a preferred wireless network, Wireless Auto Configuration sends probe requests to determine whether the preferred networks are nonbroadcast networks. In this manner, a Windows XP wireless client advertises its list of preferred wireless networks. An observer may monitor these probe requests and configure a wireless network by using a name that matches a preferred wireless network. If the wireless network is not secured, this network could enable unauthorized connections to the computer.
The Wireless Client Update lets you configure wireless networks as broadcast networks or as nonbroadcast networks. Additionally, Wireless Auto Configuration sends probe requests only for nonbroadcast networks.
When you configure wireless networks in Windows XP, you can specify a wireless network as nonbroadcast by using the Connections tab in the properties dialog box of the wireless network. On a computer that is running Windows Vista or that is running Microsoft Windows Server Code Name “Longhorn,” you can also specify a wireless network as nonbroadcast by using the Wireless Network (IEEE 802.11) Policies node of Computer Configuration Group Policy.
Changes in parking behavior
On a computer that is running Windows XP with Service Pack 2, Wireless Auto Configuration may create a random wireless network name and put the wireless network adapter in infrastructure mode. This operation is known as parking the wireless network adapter. In this situation, the wireless adapter is not connected to any wireless network. However, the wireless adapter continues to scan for preferred wireless networks every 60 seconds.
Some wireless network adapter drivers may interpret this parking operation as a request to connect to a wireless network. Therefore, these drivers may send probe requests in search of a network that has the random name. Because the parking operation passes no security configuration the driver, the random wireless network might be an open system-authenticated wireless network that uses no encryption. An observer could monitor these probe requests and establish a connection with a parked Windows XP wireless client.
On a computer that has the Wireless Client Update installed, the request to park the wireless network adapter includes a security configuration that uses a random encryption key. This security configuration uses the most secure encryption method that the wireless network adapter supports. If the wireless network adapter supports WPA2, the security configuration uses Advanced Encryption Standard (AES) encryption together with a 128-bit encryption key. If the wireless network adapter supports WPA but does not support WPA2, the security configuration uses Temporal Key Integrity Protocol (TKIP) encryption together with a 128-bit encryption key. If the wireless network adapter supports Wired Equivalent Privacy (WEP) but does not support WPA2 or WPA, the security configuration uses WEP encryption together with a 128-bit encryption key.
Changes for ad hoc networks
On a computer that does not have the Wireless Client Update installed, Wireless Auto Configuration automatically tries to connect to all the wireless networks in the preferred networks list that have previously been connected to. If no infrastructure mode networks are present, Wireless Auto Configuration sends probe requests to try to connect to the first ad hoc wireless network in the preferred networks list. An observer could monitor these probe requests and establish an unsecured connection with a Windows wireless client.
On a computer that has the Wireless Client Update installed, Wireless Auto Configuration does not send probe requests to connect to newly created ad hoc wireless networks in the preferred networks list. Because many ad hoc wireless networks are created for temporary wireless connectivity, you must use the Choose a Wireless Network dialog box to manually initiate a connection to an ad hoc mode wireless network.
It can be download from Microsoft here
Just make sure you thoroughly test it before doing any widespread deployment.
One more thing…Subscribe to my newsletter and get 11 free network administrator tools, plus a 30 page user guide so you can get the most out of them. Click Here to get your free tools