A faulty HP OneAgent update (version 1.2.50.9581) silently deleted Microsoft Entra ID certificates on HP's AI-enabled devices, breaking cloud authentication for affected organizations[^1]. The issue stemmed from a cleanup script in package SP161710 that indiscriminately removed certificates containing "1E" in their identifiers, inadvertently deleting critical MS-Organization-Access certificates needed for Entra ID authentication[^1].
The problem specifically affected HP's Next Gen AI models like the EliteBook X Flip G1i, with the update pushed through HP's AWS IoT backend without proper testing[^1]. While HP has pulled the problematic update, affected devices require manual intervention - either logging in with local admin credentials to rejoin Entra ID or using Microsoft Defender's Live Response for remote fixes[^1][^2].
According to HP, "The update is no longer available and will not affect more AI PCs. We're investigating the issue and working closely with impacted customers on mitigation"[^12].
[^1]: PatchMyPC - HP OneAgent Update Broke Entra Trust on HP AI Devices
[^2]: CyberSecurityNews - HP OneAgent Update Brokes Trust And Disconnect Devices From Entra ID
[^12]: BleepingComputer - HP pulls update that broke Microsoft Entra ID auth on some AI PCs