Wi-Fi Protected Setup is an optional certification program from the Wi-Fi Alliance that is designed to ease the task of setting up and configuring security on wireless local area networks. Wi-Fi Protected Setup enables typical users who possess little understanding of traditional Wi-Fi configuration and security settings to automatically configure new wireless networks, add new devices and enable security.
The Wi-Fi Simple Configuration Specification (WSC) is the underlying technology for the Wi-Fi Protected Setup certification.Almost all major vendors (including Cisco/Linksys, Netgear, D-Link, Belkin, Buffalo, ZyXEL and Technicolor) have WPS-certified devices, other vendors (eg. TP-Link) ship devices with WPS-support which are not WPS-certified.
WPS allows users to enter an 8 digit PIN to connect to a secured network without having to enter a passphrase. When a user supplies the correct PIN the access point essentially gives the user the WPA/WPA2 PSK that is needed to connect to the network.
According to VU#723755 an attacker within range of the wireless access point may be able to brute force the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause a denial of service.
More technical information about this vulnerability can be found in this paper Brute forcing Wi-Fi Protected Setup.
A brute force tool, called Reaver, that makes use of this vulnerability has been released. Reaver is able to extract the WPA/WPA2 PSK from the access point within 4 - 10 hours. However I don't have a router with WPS in order to check it.