- HP’s OneAgent update removed key certificates, breaking Entra ID login on some AI PCs
- The faulty script deleted Microsoft-issued certificates containing “1E,” thereby breaking trust in the cloud.
- HP has removed the update and is helping affected users; only a small number were affected
A silent update to HP’s OneAgent software broke a number of its PC AI devices, preventing some of its users from logging into Microsoft Entra ID – and as a result, HP was forced to pull the update and help those affected.
OneAgent is software responsible for system management and updates. It was recently updated itself, to version 1.2.50.9581, and that update included a script designed to remove all files related to the HP 1E Performance Assist software.
To do this, the script would search for and remove all certificates containing the substring “1E” in its subject, issuer, or friendly name. Unfortunately, among them was a certificate called “MS-Organization-Access”, issued by Microsoft every time a device joins Microsoft Entra ID, or Intune. As soon as the script deletes the certificate, the device logs out of Entra ID and the credentials no longer work.
Falling silently from the cloud
The incident was first spotted by Rudy Ooms, security researcher at Patch My PC, who said that “the entire Entra/Azure AD connection was gone!”
“Thanks to this, devices fell silently from the cloud. All trust between Windows and Entra ID disappeared.”
The number of affected devices, however, seems rather low. According to Ooms, because each company receives a unique certificate, there is less than a 10% chance that the certificate contains the risky “1E” chain. Additionally, since the script only affects HP AI PCs (first released about a year ago), the number of potentially affected devices decreases further.
In a statement shared with BeepComputerthe company said it has removed the faulty patch and is working to help affected users.
“HP is aware of a potential issue affecting certain HP AI computers related to a recent over-the-air update,” HP told the publication. “The update is no longer available and will not affect further PC AI. We are investigating the issue and working closely with affected customers to mitigate it.”
Via BeepComputer
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
The best cloud storage for every budget
