The WPA bug is in the standard (the separate blunder in wpa_supplicant notwithstanding) and TPM is about as closed as you can get.

The TLA's probably got some mileage out of the WPA bug, but it is far from the fire and forget flaws in Windows that were exposed after someone let an attack server unattended. I'm willing to let the 802.11 group skate on this one, although they should probably look up the meaning of the term "nonce" before continuing... :-/