I have done some limited research, and this attack seems to be an optimization of a known dictionary attack against MSCHAPv2, combined with an attack on the PPTP VPN protocol. Most real and detailed information is still lacking at this moment, though.
This known attack allows someone who has access to the MSCHAPv2 negotiations to perform a brute force attack. This researcher offers an optimized dictionary attack on MSCHAPv2.
Since 1999, when this MSCHAPv2 vulnerability was discovered, the security of PEAP-MSCHAPv2 has rested on certificate validation.
In your supplicant (client configuration), configure:
1) Certificate validation. When your client connects to a malicious AP and accepts a random certificate, enough information is leaked for a brute-force attack (trying all the possibilities) or a dictionary attack on your password.
2) Configure the valid server list. Clients should only authenticate against your own RADIUS servers.
3) Configure the CA trust list to only the CAs that issued your certificates. When someone gets a certificate from a different CA, it will not be accepted.
When configured this way, all authentication traffic is tunneled in a trusted SSL session and an attacker has no access to the MSCHAPv2 information. Brute forcing the user password is not possible against a correctly configured EAP-PEAP client with the information that we have up to now.
Please note that in conference networks, and other networks where end users configure their clients themselves, it is not possible to prevent (or detect) users from misconfiguring their clients. That will make those clients susceptible to the known attacks against MSCHAPv2, and that results in very juicy publicity.
Again, I have not found the real detailed information on this 'crack'. I suspect this information will become available. Based on that information, a better assessment can be done. For now, I am not worried about having a network with PEAP-MSCHAPv2 when clients are well configured. This configuration can be enforced in AD environments through Group Policies (GPO), or in other environments with ClearPass Onboard or Quick1x.
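The three client settings listed in the post, written as an audit of supplicant profiles; this is an added example, not part of the original post. It assumes wpa_supplicant as the supplicant (the post names none), and the sample config, SSIDs, file paths and server name are constructed.

```python
import re
# Constructed sample wpa_supplicant.conf (trimmed to the relevant keys).
SAMPLE_CONF = '''
network={
    ssid="corp-weak"
    eap=PEAP
    phase2="auth=MSCHAPV2"
}
network={
    ssid="corp-broad-trust"
    eap=PEAP
    ca_cert="/etc/ssl/certs/ca-certificates.crt"
    domain_suffix_match="radius.example.com"
    phase2="auth=MSCHAPV2"
}
network={
    ssid="corp-pinned"
    eap=PEAP
    ca_cert="/etc/pki/corp/radius-ca.pem"
    domain_suffix_match="radius.example.com"
    phase2="auth=MSCHAPV2"
}
'''

SERVER_NAME_KEYS = ("domain_suffix_match", "domain_match", "altsubject_match")
# Assumption: these paths are distro-wide bundles that trust every public CA.
SYSTEM_BUNDLES = {"/etc/ssl/certs/ca-certificates.crt", "/etc/pki/tls/certs/ca-bundle.crt"}

def audit(conf_text):
    """Return {ssid: [findings]} for every PEAP network block."""
    report = {}
    for block in re.findall(r"network=\{(.*?)\n\}", conf_text, re.S):
        kv = dict(re.findall(r'^\s*(\w+)=(.*?)\s*$', block, re.M))
        kv = {k: v.strip('"') for k, v in kv.items()}
        if "PEAP" not in kv.get("eap", "").upper().split():
            continue
        findings = []
        if "ca_cert" not in kv:  # point 1: certificate validation
            findings.append("no ca_cert: server certificate is not validated")
        elif kv["ca_cert"] in SYSTEM_BUNDLES:  # point 3: CA trust list
            findings.append("ca_cert is a system bundle: trusts every public CA")
        if not any(k in kv for k in SERVER_NAME_KEYS):  # point 2: server list
            findings.append("no server name match: any server under a trusted CA is accepted")
        report[kv.get("ssid", "?")] = findings
    return report

if __name__ == "__main__":
    for ssid, findings in audit(SAMPLE_CONF).items():
        print(ssid, "OK" if not findings else findings)
```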