It has come to our attention that a new way of brute force attack based on WPA2 standard using PMKID has come to light.
This attack actually is a brute force attack on WPA2 preshared key. The reason this attack is considered effective is because it can be performed offline, without actually attempting to connect to AP, based on a single sniffed packet from a valid key exchange.
This problem is not a vulnerability, but a way how wireless AP password can be guessed in an easier way.
In order to mitigate this type of attack you should use strong password that is hard to brute force.
To eliminate possibility of this attack entirely you can use WPA-PSK (do not forget to use aes-ccm encryption!). WPA-PSK does not include the field that is used to verify the password in this attack.