George Ou blogs about a free WiFi driver checker from Aruba Networks.
Basically it scans domain computers via WMI using supplied credentials and reports if the wireless driver is vulnerable. They didn’t take the time to have it verify the computer is reachable, so there could be some long timeouts. I’ve seen other WMI scripts test first. They are testing with a tcp ping on 135 which they report will not work from XP computers.
Ou reports “When I spoke with the patch management companies at RSA 2007 in February and asked them about driver patches, they looked at me with a blank stare as if they didn’t even know what I was talking about.”
My vuln scanner does detect a couple of Intel 2200 BG vulnerabilities. But I’ve often wondered about the Broadcom drivers and the non-wifi drivers. It will be interesting to run this and see what, if anything, I’ve been missing.

this worked fine locally, but when I installed on a Windows 2003 to scan a subnet, it crashed. No, I haven’t reported the problem to the developer.