{"id":3191,"date":"2024-12-26T01:25:30","date_gmt":"2024-12-26T01:25:30","guid":{"rendered":"https:\/\/tastycounter.net\/index.php\/2024\/12\/26\/microsoft-liet-ke-ly-do-tai-sao-tpm-secure-boot-la-bat-buoc-tren-windows-11\/"},"modified":"2024-12-26T01:25:30","modified_gmt":"2024-12-26T01:25:30","slug":"microsoft-liet-ke-ly-do-tai-sao-tpm-secure-boot-la-bat-buoc-tren-windows-11","status":"publish","type":"post","link":"https:\/\/tastycounter.net\/index.php\/2024\/12\/26\/microsoft-liet-ke-ly-do-tai-sao-tpm-secure-boot-la-bat-buoc-tren-windows-11\/","title":{"rendered":"Microsoft li\u1ec7t k\u00ea l\u00fd do t\u1ea1i sao TPM, Secure Boot l\u00e0 b\u1eaft bu\u1ed9c tr\u00ean Windows 11"},"content":{"rendered":"<\/p>\n<div class=\"content-detail textview\">\n<div class=\"audio\"><audio controls><\/audio><\/div>\n<p>H\u01a1n ba n\u0103m tr\u01b0\u1edbc, khi Microsoft c\u00f4ng b\u1ed1 Windows 11, h\u1ec7 \u0111i\u1ec1u h\u00e0nh n\u00e0y \u0111\u00e3 l\u1eadp t\u1ee9c g\u00e2y ra nhi\u1ec1u tranh c\u00e3i. Kh\u00f4ng ch\u1ec9 v\u00ec giao di\u1ec7n kh\u00f4ng theo quy \u01b0\u1edbc m\u00e0 c\u00f2n v\u00ec y\u00eau c\u1ea7u ph\u1ea7n c\u1ee9ng cao, khi\u1ebfn nhi\u1ec1u h\u1ec7 th\u1ed1ng v\u1eabn c\u00f3 kh\u1ea3 n\u0103ng kh\u00f4ng th\u1ec3 ch\u1ea1y Windows 11 ch\u00ednh th\u1ee9c, \u0111\u01a1n c\u1eed nh\u01b0 tr\u01b0\u1eddng h\u1ee3p TPM v\u00e0 Secure Boot.<\/p>\n<p>Microsoft \u0111\u00e3 nhi\u1ec1u l\u1ea7n gi\u1ea3i th\u00edch l\u00fd do t\u1ea1i sao c\u00e1c t\u00ednh n\u0103ng nh\u01b0 TPM (Trusted Platform Module) 2.0, VBS (Virtualization-based Security) v\u00e0 Secure Boot l\u1ea1i quan tr\u1ecdng \u0111\u1ed1i v\u1edbi PC ch\u1ea1y Windows 11. Microsoft b\u1eaft bu\u1ed9c PC c\u1ee7a ng\u01b0\u1eddi d\u00f9ng ph\u1ea3i h\u1ed7 tr\u1ee3 nh\u1eefng t\u00ednh n\u0103ng n\u00eau tr\u00ean th\u00ec m\u1edbi c\u00f3 th\u1ec3 s\u1eed d\u1ee5ng Windows 11, v\u00ec nh\u1eefng l\u1ee3i \u00edch b\u1ea3o m\u1eadt n\u00e2ng cao m\u00e0 ch\u00fang mang l\u1ea1i, \u0111\u1ed3ng th\u1eddi c\u00f4ng b\u1ed1 c\u00e1c b\u1ea3n demo tr\u1ef1c quan \u0111\u1ec3 gi\u1ea3i th\u00edch r\u00f5 h\u01a1n v\u1ec1 c\u00e1ch th\u1ee9c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a nh\u1eefng t\u00ednh n\u0103ng n\u00e0y.<\/p>\n<p>G\u1ea7n \u0111\u00e2y, v\u1edbi b\u1ea3n c\u1eadp nh\u1eadt t\u00ednh n\u0103ng Windows 11 24H2, Microsoft \u0111\u00e3 c\u1eadp nh\u1eadt m\u1ed9t trong nh\u1eefng b\u00e0i vi\u1ebft h\u1ed7 tr\u1ee3 tr\u00ean trang web ch\u00ednh th\u1ee9c c\u1ee7a m\u00ecnh c\u00f3 ti\u00eau \u0111\u1ec1 \u201cAutomatic Device Encryption via BitLocker\u201d (M\u00e3 h\u00f3a thi\u1ebft b\u1ecb t\u1ef1 \u0111\u1ed9ng th\u00f4ng qua BitLocker), m\u00e0 Microsoft g\u1ecdi l\u00e0 &#8220;Auto-DE&#8221;. \u0110\u00e1ng ch\u00fa \u00fd l\u00e0 t\u00e0i li\u1ec7u n\u00e0y c\u00f3 \u0111\u1ec1 c\u1eadp \u0111\u1ebfn l\u00fd do t\u1ea1i sao TPM v\u00e0 Secure Boot l\u00e0 b\u1eaft bu\u1ed9c \u0111\u1ed1i v\u1edbi Device Encryption.<\/p>\n<p>D\u01b0\u1edbi \u0111\u00e2y l\u00e0 n\u1ed9i dung t\u00e0i li\u1ec7u h\u1ed7 tr\u1ee3 tr\u01b0\u1edbc khi \u0111\u01b0\u1ee3c ch\u1ec9nh s\u1eeda<\/p>\n<blockquote>\n<p>T\u1ea1i sao t\u00ednh n\u0103ng Device Encryption l\u1ea1i kh\u00f4ng kh\u1ea3 d\u1ee5ng?<\/p>\n<p>Sau \u0111\u00e2y l\u00e0 c\u00e1c b\u01b0\u1edbc \u0111\u1ec3 x\u00e1c \u0111\u1ecbnh l\u00fd do t\u1ea1i sao Device Encryption c\u00f3 th\u1ec3 kh\u00f4ng kh\u1ea3 d\u1ee5ng:<\/p>\n<p>1. T\u1eeb menu Start, nh\u1eadp System Information, nh\u1ea5p chu\u1ed9t ph\u1ea3i v\u00e0o System Information trong danh s\u00e1ch k\u1ebft qu\u1ea3, sau \u0111\u00f3 ch\u1ecdn Run as administrator.<\/p>\n<p>2. Trong danh s\u00e1ch System Summary &#8211; Item, h\u00e3y t\u00ecm gi\u00e1 tr\u1ecb Automatic Device Encryption Support ho\u1eb7c Device Encryption Support.<\/p>\n<ul>\n<li>Gi\u00e1 tr\u1ecb cung c\u1ea5p l\u00fd do t\u1ea1i sao Device Encryption kh\u00f4ng th\u1ec3 \u0111\u01b0\u1ee3c k\u00edch ho\u1ea1t<\/li>\n<li>N\u1ebfu gi\u00e1 tr\u1ecb hi\u1ec3n th\u1ecb Meets prerequisites th\u00ec Device Encryption hi\u1ec7n kh\u1ea3 d\u1ee5ng tr\u00ean thi\u1ebft b\u1ecb c\u1ee7a b\u1ea1n.<\/li>\n<\/ul>\n<\/blockquote>\n<div id=\"articleads\" class=\"adbox adsense in-article\"><ins class=\"adsbygoogle\" style=\"text-align:center\" data-ad-format=\"fluid\" data-ad-layout=\"in-article\" data-ad-client=\"ca-pub-9275417305531302\" data-ad-slot=\"2079243249\"><\/ins><\/div>\n<p>C\u00f2n \u0111\u00e2y l\u00e0 <a title=\"Device Encryption in Windows\" href=\"https:\/\/quantrimang.com\/url?u=aHR0cHM6Ly9zdXBwb3J0Lm1pY3Jvc29mdC5jb20vZW4tdXMvd2luZG93cy9kZXZpY2UtZW5jcnlwdGlvbi1pbi13aW5kb3dzLWNmN2UyYjZmLTNlNzAtNDg4Mi05NTMyLTE4NjMzNjA1YjdkZg%3D%3D\" target=\"_blank\" rel=\"nofollow noopener\">n\u1ed9i dung t\u00e0i li\u1ec7u h\u1ed7 tr\u1ee3 <\/a>sau khi \u0111\u00e3 \u0111\u01b0\u1ee3c ch\u1ec9nh s\u1eeda<\/p>\n<blockquote>\n<p>T\u1ea1i sao t\u00ednh n\u0103ng Device Encryption l\u1ea1i kh\u00f4ng kh\u1ea3 d\u1ee5ng?<\/p>\n<p>Sau \u0111\u00e2y l\u00e0 c\u00e1c b\u01b0\u1edbc \u0111\u1ec3 x\u00e1c \u0111\u1ecbnh l\u00fd do t\u1ea1i sao Device Encryption c\u00f3 th\u1ec3 kh\u00f4ng kh\u1ea3 d\u1ee5ng:<\/p>\n<p>1. T\u1eeb menu Start, nh\u1eadp System Information, nh\u1ea5p chu\u1ed9t ph\u1ea3i v\u00e0o System Information trong danh s\u00e1ch k\u1ebft qu\u1ea3, sau \u0111\u00f3 ch\u1ecdn Run as administrator.<\/p>\n<p>2. Trong danh s\u00e1ch System Summary &#8211; Item, h\u00e3y t\u00ecm gi\u00e1 tr\u1ecb Automatic Device Encryption Support ho\u1eb7c Device Encryption Support.<\/p>\n<p>Gi\u00e1 tr\u1ecb m\u00f4 t\u1ea3 tr\u1ea1ng th\u00e1i h\u1ed7 tr\u1ee3 c\u1ee7a Device Encryption:<\/p>\n<ul>\n<li>Meets prerequisites: Device Encryption kh\u1ea3 d\u1ee5ng tr\u00ean thi\u1ebft b\u1ecb c\u1ee7a b\u1ea1n<\/li>\n<li>TPM is not usable: Thi\u1ebft b\u1ecb c\u1ee7a b\u1ea1n kh\u00f4ng c\u00f3 Trusted Platform Module (TPM), ho\u1eb7c TPM kh\u00f4ng \u0111\u01b0\u1ee3c b\u1eadt trong BIOS ho\u1eb7c UEFI.<\/li>\n<li>WinRE is not configured: Thi\u1ebft b\u1ecb c\u1ee7a b\u1ea1n kh\u00f4ng c\u00f3 Windows Recovery Environment \u0111\u01b0\u1ee3c c\u1ea5u h\u00ecnh.<\/li>\n<li>PCR7 binding is not supported: Secure Boot b\u1ecb v\u00f4 hi\u1ec7u h\u00f3a trong BIOS\/UEFI, ho\u1eb7c b\u1ea1n \u0111\u00e3 k\u1ebft n\u1ed1i c\u00e1c thi\u1ebft b\u1ecb ngo\u1ea1i vi v\u1edbi thi\u1ebft b\u1ecb c\u1ee7a m\u00ecnh trong qu\u00e1 tr\u00ecnh kh\u1edfi \u0111\u1ed9ng (nh\u01b0 giao di\u1ec7n m\u1ea1ng chuy\u00ean d\u1ee5ng, dock k\u1ebft n\u1ed1i ho\u1eb7c card \u0111\u1ed3 h\u1ecda ngo\u00e0i)<\/li>\n<\/ul>\n<\/blockquote>\n<p>V\u1ec1 c\u01a1 b\u1ea3n, b\u00e0i vi\u1ebft n\u00eau chi ti\u1ebft nh\u1eefng &#8220;\u0111i\u1ec1u ki\u1ec7n ti\u00ean quy\u1ebft&#8221; ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u00e1p \u1ee9ng \u0111\u00f3 l\u00e0 g\u00ec. Ch\u00fang bao g\u1ed3m TPM, WinRE (Windows Recovery Environment) v\u00e0 Secure Boot.<\/p>\n<p>B\u00ean c\u1ea1nh \u0111\u00f3, Microsoft c\u0169ng \u0111\u1ec1 c\u1eadp \u0111\u1ebfn PCR7. PCR, hay Platform Configuration Register, l\u00e0 m\u1ed9t v\u1ecb tr\u00ed b\u1ed9 nh\u1edb tr\u00ean TPM v\u00e0 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 l\u01b0u tr\u1eef c\u00e1c thu\u1eadt to\u00e1n b\u0103m. PCR profile 7, hay PCR7, l\u00e0 th\u1ee9 m\u00e0 BitLocker li\u00ean k\u1ebft. Li\u00ean k\u1ebft n\u00e0y \u0111\u1ea3m b\u1ea3o r\u1eb1ng kh\u00f3a m\u1eadt m\u00e3, trong tr\u01b0\u1eddng h\u1ee3p n\u00e0y l\u00e0 kh\u00f3a BitLocker, ch\u1ec9 t\u1ea3i trong m\u1ed9t kho\u1ea3ng th\u1eddi gian nh\u1ea5t \u0111\u1ecbnh trong qu\u00e1 tr\u00ecnh kh\u1edfi \u0111\u1ed9ng, kh\u00f4ng ph\u1ea3i tr\u01b0\u1edbc ho\u1eb7c sau.<\/p>\n<p>\u0110\u00e2y l\u00e0 n\u01a1i Secure Boot ph\u00e1t huy t\u00e1c d\u1ee5ng v\u00ec n\u00f3 x\u00e1c minh v\u00e0 x\u00e1c th\u1ef1c ch\u1ee9ng ch\u1ec9 Microsoft Windows PCA 2011 c\u1ea7n thi\u1ebft trong qu\u00e1 tr\u00ecnh kh\u1edfi \u0111\u1ed9ng, v\u00ec ch\u1eef k\u00fd kh\u00f4ng h\u1ee3p l\u1ec7 s\u1ebd d\u1eabn \u0111\u1ebfn BitLocker s\u1eed d\u1ee5ng c\u00e1c h\u1ed3 s\u01a1 kh\u00e1c ngo\u00e0i 7.<\/p>\n<p>S\u1ef1 quan t\u00e2m tr\u1edf l\u1ea1i \u0111\u1ed1i v\u1edbi BitLocker v\u00e0 m\u00e3 h\u00f3a tr\u00ean Windows 11 24H2 xu\u1ea5t hi\u1ec7n g\u1ea7n \u0111\u00e2y khi g\u00e3 kh\u1ed5ng l\u1ed3 Redmond b\u1ea5t ng\u1edd h\u1ea1 th\u1ea5p c\u00e1c y\u00eau c\u1ea7u OEM cho Auto-DE tr\u00ean phi\u00ean b\u1ea3n Windows m\u1edbi nh\u1ea5t, v\u00e0 do v\u1eady, ngay c\u1ea3 PC gia \u0111\u00ecnh c\u0169ng c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c m\u00e3 h\u00f3a t\u1ef1 \u0111\u1ed9ng. Ngay sau \u0111\u00f3, c\u00f4ng ty c\u0169ng \u0111\u00e3 ph\u00e1t h\u00e0nh m\u1ed9t h\u01b0\u1edbng d\u1eabn kh\u00f4i ph\u1ee5c v\u00e0 sao l\u01b0u ti\u1ec7n d\u1ee5ng cho kh\u00f3a BitLocker.<\/p>\n<p>C\u00e1ch \u0111\u00e2y kh\u00f4ng l\u00e2u, Microsoft c\u0169ng \u0111\u00e3 t\u00e1i kh\u1eb3ng \u0111\u1ecbnh TPM 2.0 l\u00e0 m\u1ed9t ti\u00eau chu\u1ea9n kh\u00f4ng th\u1ec3 th\u01b0\u01a1ng l\u01b0\u1ee3ng tr\u00ean h\u1ec7 \u0111i\u1ec1u h\u00e0nh c\u1ee7a m\u00ecnh.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>H\u01a1n ba n\u0103m tr\u01b0\u1edbc, khi Microsoft c\u00f4ng b\u1ed1 Windows 11, h\u1ec7 \u0111i\u1ec1u h\u00e0nh n\u00e0y \u0111\u00e3 l\u1eadp t\u1ee9c g\u00e2y ra nhi\u1ec1u tranh c\u00e3i. Kh\u00f4ng ch\u1ec9 v\u00ec giao di\u1ec7n kh\u00f4ng theo quy \u01b0\u1edbc m\u00e0 c\u00f2n v\u00ec y\u00eau c\u1ea7u ph\u1ea7n c\u1ee9ng cao, khi\u1ebfn nhi\u1ec1u h\u1ec7 th\u1ed1ng v\u1eabn c\u00f3 kh\u1ea3 n\u0103ng kh\u00f4ng th\u1ec3 ch\u1ea1y Windows 11 ch\u00ednh th\u1ee9c, \u0111\u01a1n [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3191","post","type-post","status-publish","format-standard","hentry","category-khong-phan-loai"],"_links":{"self":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts\/3191","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/comments?post=3191"}],"version-history":[{"count":0,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/posts\/3191\/revisions"}],"wp:attachment":[{"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/media?parent=3191"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/categories?post=3191"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tastycounter.net\/index.php\/wp-json\/wp\/v2\/tags?post=3191"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}