- HP’s OneAgent replace deleted key certificates, breaking Entra ID login on some AI PCs
- The defective script eliminated Microsoft-issued certificates containing “1E”, severing cloud belief
- HP pulled the replace and helps affected customers; solely a small quantity had been impacted
A silent replace for HP’s OneAgent software program broke various its AI PC units, stopping a few of its customers from logging into Microsoft Entra ID – and consequently, HP was compelled to tug the replace and help affected people.
OneAgent is a bit of software program answerable for system administration and updates. It was not too long ago up to date itself, to model 1.2.50.9581, and that replace included a script designed to take away any recordsdata associated to HP’s 1E Performance Assist software program.
To do this, the script would search, and delete, any certificates containing the “1E” substring in its topic, issuer, or pleasant title. Unfortunately, amongst them was a certificates known as “MS-Organization-Access”, issued by Microsoft each time a tool joins Microsoft Entra ID, or Intune. As quickly because the script deletes the certificates, the gadget disconnects from Entra ID and the credentials not work.
Silently falling out of the cloud
The mishap was first noticed by Rudy Ooms, safety researcher from Patch My PC, who mentioned that “the entire Entra/Azure AD Join was gone!”
“With it, the units had silently fallen out of the cloud. The complete belief between Windows and Entra ID disappeared.”
The variety of affected units appears to be fairly small, although. According to Ooms, since each firm will get a novel certificates, there’s lower than a ten% probability for the certificates to comprise the dangerous “1E” string. Also, because the script solely impacts HP’s AI PCs (first launched roughly a yr in the past), the variety of doubtlessly affected units shrinks additional.
In a press release shared with BleepingComputer, the corporate mentioned it pulled the defective patch and is engaged on helping affected customers.
“HP is conscious of a possible concern affecting some HP AI PCs associated to a current over the air replace,” HP advised the publication. “The replace is not out there and won’t have an effect on extra AI PCs. We’re investigating the difficulty and dealing carefully with impacted clients on mitigation.”
Via BleepingComputer
