"HP withdrew an update to its OneAgent software for Windows 11 after it was found to cause serious authentication problems on some AI PCs. The update removed crucial Microsoft certificates used by organizations to log in via Microsoft Entra ID. This caused systems to lose connection to their cloud environment. Rudy Ooms of Patch My PC discovered the error. He found that the problems arose after a silent background update from HP."
"This update installed a routine intended to remove remnants of old HP software called 1E Performance Assist. The attached script checked the Windows certificate store for entries containing the text 1E in the name or publisher, and then removed all certificates containing that text. Although the intention was to delete only outdated HP certificates, the approach proved too aggressive. Some Microsoft Entra ID certificates happened to contain the same string in their fingerprint or name."
"As a result, these legitimate certificates were also deleted, causing the devices to lose their connection to Entra ID and Intune. According to Ooms, in practice this meant that the trust relationship between Windows and the cloud completely disappeared, preventing users from logging in with their corporate accounts. Significant impact The problem is limited in scope. Only HP's new generation of AI PCs received the update, and only a small percentage of organizations use certificates containing the text 1E."
An HP OneAgent update for Windows 11 removed Microsoft certificates used for Microsoft Entra ID authentication on some AI PCs, breaking corporate logins and cloud trust. The update ran a cleanup script to remove remnants of HP 1E Performance Assist by deleting certificate entries containing '1E' in name, publisher, or fingerprint. Some legitimate Entra ID certificates contained '1E' and were deleted, disconnecting devices from Entra ID and Intune. Recovery requires administrators to sign in locally, re-register the device with Entra ID, and restore registration data; remote recovery via Microsoft Defender is possible. Only HP's new AI PC generation received the update, and HP has withdrawn it and is offering support.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]