A faulty HP OneAgent update (version 1.2.50.9581) silently deleted Microsoft Entra ID certificates on HP’s AI-enabled devices, breaking cloud authentication for affected organizations[1]. The issue stemmed from a cleanup script in package SP161710 that indiscriminately removed certificates containing “1E” in their identifiers, inadvertently deleting critical MS-Organization-Access certificates needed for Entra ID authentication[1:1].

The problem specifically affected HP’s Next Gen AI models like the EliteBook X Flip G1i, with the update pushed through HP’s AWS IoT backend without proper testing[1:2]. While HP has pulled the problematic update, affected devices require manual intervention - either logging in with local admin credentials to rejoin Entra ID or using Microsoft Defender’s Live Response for remote fixes[1:3][2].

According to HP, “The update is no longer available and will not affect more AI PCs. We’re investigating the issue and working closely with impacted customers on mitigation”[3].

  1. PatchMyPC - HP OneAgent Update Broke Entra Trust on HP AI Devices ↩︎ ↩︎ ↩︎ ↩︎

  2. CyberSecurityNews - HP OneAgent Update Brokes Trust And Disconnect Devices From Entra ID ↩︎

  3. BleepingComputer - HP pulls update that broke Microsoft Entra ID auth on some AI PCs ↩︎