Microsoft is not aware of active attacks or of customer impact, at least for now.
To exploit this issue, an attacker could gain information disclosure of a victim's domain credentials from the targeted device. An attacker could re-use a victim's domain credentials to authenticate the attacker to network resources, and the attacker could take any action that the user could take on that network resource.
There is no security patch available for this, but Microsoft suggests that you enable the certificate verification process before executing the PEAP-MS-CHAPv2 protocol to connect to Wi-Fi hotspots.
The bulletin contains instructions for configuring your Windows Phone versions 7.8 or 8 to fix the security flaw.