- HP’s OneAgent update removed key certificates, breaking Entra ID login on some AI PCs
- Faulty script deleted Microsoft-issued certificates containing “1E”, cutting off trust in the cloud
- HP pulled the update and is helping affected users; only a small number were affected
A silent update for HP’s OneAgent software broke several of its AI PC devices, preventing some of its users from signing in to Microsoft Entra ID, and as a result, HP was forced to pull the update and help affected people.
OneAgent is a software responsible for system management and updates. It was recently updated to version 1.2.50.9581, and that update included a script designed to remove any files related to HP’s 1E Performance Assist software.
To do that, the script would search for and remove any certificates that contain the substring “1E” in their subject, issuer, or friendly name. Unfortunately, among them was a certificate called “MS-Organization-Access,” issued by Microsoft every time a device joins Microsoft Sign In ID or Intune. As soon as the script deletes the certificate, the device is disconnected from Entra ID and the credentials no longer work.
Silently falling from the cloud
The mishap was first spotted by Patch My PC security researcher Rudy Ooms, who said that “the entire Entra/Azure AD Join was gone!”
“With this, the devices silently fell from the cloud. All trust between Windows and Entra ID disappeared.”
However, the number of affected devices appears to be quite small. According to Ooms, since each company obtains a unique certificate, there is less than a 10% chance that the certificate contains the risky “1E” string. Additionally, since the script only affects HP AI PCs (first released about a year ago), the number of potentially affected devices is reduced even further.
In a statement shared with beepcomputerThe company said it has removed the faulty patch and is working to help affected users.
“HP is aware of a potential issue affecting some HP AI PCs related to a recent over-the-air update,” HP told the publication. “The update is no longer available and will not affect additional AI PCs. We are investigating the issue and working closely with affected customers to mitigate it.”
Through beepcomputer
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
The best cloud storage for every budget
