{"id":805170,"date":"2026-05-06T08:18:23","date_gmt":"2026-05-06T08:18:23","guid":{"rendered":"https:\/\/www.ninjaone.com\/?post_type=script_hub&#038;p=805170"},"modified":"2026-05-06T08:18:23","modified_gmt":"2026-05-06T08:18:23","slug":"how-to-mitigate-cve-2023-36884-powershell","status":"publish","type":"script_hub","link":"https:\/\/www.ninjaone.com\/pt-br\/script-hub\/how-to-mitigate-cve-2023-36884-powershell\/","title":{"rendered":"Dia 0 da Microsoft sem corre\u00e7\u00e3o: Como mitigar o CVE-2023-36884 com o PowerShell"},"content":{"rendered":"<p>As atualiza\u00e7\u00f5es do Patch Tuesday de julho de 2023 da Microsoft destacaram v\u00e1rias vulnerabilidades sob explora\u00e7\u00e3o ativa, incluindo uma (ou mais?) que permanece sem corre\u00e7\u00e3o. Veja o que voc\u00ea precisa saber sobre\u00a0CVE-2023-36884, uma vulnerabilidade de dia zero que os invasores est\u00e3o explorando para obter execu\u00e7\u00e3o remota de c\u00f3digo por meio de documentos do Microsoft Office &#8220;especialmente criados&#8221;.<\/p>\n<h2>O que \u00e9 o CVE-2023-36884?<\/h2>\n<p>Resposta curta: <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36884\" target=\"_blank\" rel=\"noopener\">A Microsoft caracteriza o CVE-2023-36884<\/a> como uma vulnerabilidade de execu\u00e7\u00e3o remota de c\u00f3digo HTML do Office e do Windows com um CVSS b\u00e1sico de 8,3.<\/p>\n<p>Resposta mais substancial: Por vir?<\/p>\n<p>Por enquanto, o aviso da empresa indica que a Microsoft ainda est\u00e1 investigando ativamente e n\u00e3o fornece muito al\u00e9m de uma descri\u00e7\u00e3o superficial. Ele afirma que a explora\u00e7\u00e3o bem-sucedida da vulnerabilidade pode permitir que um invasor execute c\u00f3digos remotamente no contexto da v\u00edtima, bastando engan\u00e1-la para que abra um documento do Microsoft Office especialmente elaborado.<\/p>\n<p>Curiosamente, o aviso tamb\u00e9m come\u00e7a afirmando: &#8220;A Microsoft est\u00e1 investigando relat\u00f3rios de uma <strong>s\u00e9rie<\/strong>de <strong>\u00a0vulnerabilidades de execu\u00e7\u00e3o remota de c\u00f3digo&#8221; (\u00eanfase minha), fazendo com que<\/strong> <a href=\"https:\/\/twitter.com\/wdormann\/status\/1678922526905233408?s=20\" target=\"_blank\" rel=\"noopener\">o especialista em vulnerabilidades Will Dormann teorize<\/a>: &#8220;O CVE-2023-36884 \u00e9 apenas um espa\u00e7o reservado para uma atualiza\u00e7\u00e3o que aborda v\u00e1rias vulnerabilidades por meio de um \u00fanico CVE, que pode ser lan\u00e7ado em algum momento desconhecido no futuro&#8221;<\/p>\n<p>Embora o aviso, por si s\u00f3, n\u00e3o tenha detalhes espec\u00edficos, ele cont\u00e9m um link para <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/11\/storm-0978-attacks-reveal-financial-and-espionage-motives\/\" target=\"_blank\" rel=\"noopener\">uma postagem de blog<\/a> que esclarece melhor como a Microsoft o descobriu.<\/p>\n<h2>Espionagem e ransomware &#8211; explora\u00e7\u00e3o ativa do CVE-2023-36884<\/h2>\n<p>Em junho, <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/11\/storm-0978-attacks-reveal-financial-and-espionage-motives\/\" target=\"_blank\" rel=\"noopener\">a Microsoft identificou<\/a> uma campanha de phishing lan\u00e7ada por um <a href=\"https:\/\/www.ninjaone.com\/it-hub\/seguranca-de-endpoints\/what-is-a-threat-actor\/\">agente de amea\u00e7as<\/a> que a Microsoft rastreia como Storm-0978. A campanha teve como alvo entidades governamentais e de defesa na Am\u00e9rica do Norte e na Europa, com iscas relacionadas ao Congresso Mundial da Ucr\u00e2nia. Os e-mails entregues como parte da campanha continham links para documentos do Word que abusavam do CVE-2023-36884 para instalar backdoors.<\/p>\n<p>Embora esses alvos e as atividades p\u00f3s-comprometimento sugiram motivos de espionagem, a Microsoft observa que, enquanto essa campanha estava sendo executada, ela tamb\u00e9m identificou o Storm-0978 conduzindo ataques de ransomware separados em alvos n\u00e3o relacionados usando as mesmas cargas iniciais.<\/p>\n<p>De acordo com a Microsoft, a atividade de ransomware do agente da amea\u00e7a tem sido, &#8220;em grande parte, de natureza oportunista e totalmente separada de alvos focados em espionagem&#8221;<\/p>\n<p>ATUALIZA\u00c7\u00c3O: Uma <a href=\"https:\/\/blogs.blackberry.com\/en\/2023\/07\/romcom-targets-ukraine-nato-membership-talks-at-nato-summit\" target=\"_blank\" rel=\"noopener\">an\u00e1lise t\u00e9cnica<\/a> ainda mais <a href=\"https:\/\/blogs.blackberry.com\/en\/2023\/07\/romcom-targets-ukraine-nato-membership-talks-at-nato-summit\" target=\"_blank\" rel=\"noopener\">detalhada dessa campanha<\/a> est\u00e1 dispon\u00edvel na BlackBerry.<\/p>\n<h2>H\u00e1 uma corre\u00e7\u00e3o dispon\u00edvel para o CVE-2023-36884?<\/h2>\n<p>No momento, n\u00e3o.<\/p>\n<p>A Microsoft sugere que ainda est\u00e1 investigando ativamente essa vulnerabilidade e, ap\u00f3s a conclus\u00e3o, a empresa &#8220;tomar\u00e1 as medidas apropriadas para ajudar a proteger nossos clientes&#8221;. Isso pode incluir o fornecimento de uma atualiza\u00e7\u00e3o de seguran\u00e7a por meio de nosso processo de lan\u00e7amento mensal ou de uma atualiza\u00e7\u00e3o de seguran\u00e7a fora do ciclo, dependendo das necessidades do cliente.&#8221;<\/p>\n<h2>Mitiga\u00e7\u00f5es para o CVE-2023-36884<\/h2>\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-36884\" target=\"_blank\" rel=\"noopener\">De acordo com a Microsoft<\/a>, existem atualmente tr\u00eas maneiras de as empresas se protegerem:<\/p>\n<ol>\n<li>Os clientes que usam o Microsoft Defender para Office est\u00e3o protegidos contra anexos que tentam explorar essa vulnerabilidade.<\/li>\n<li>Nas cadeias de ataque atuais, o uso da regra<a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/defender-endpoint\/attack-surface-reduction-rules-reference?view=o365-worldwide#block-all-office-applications-from-creating-child-processes\" target=\"_blank\" rel=\"noopener\">\u00a0Block all Office applications from creating child processes<\/a>\u00a0Attack Surface Reduction impedir\u00e1 que a vulnerabilidade seja explorada.<\/li>\n<li>As organiza\u00e7\u00f5es que n\u00e3o podem tirar proveito dessas prote\u00e7\u00f5es podem adicionar os seguintes nomes de aplicativos a essa chave de registro como valores do tipo REG_DWORD com dados 1..:<br \/>\nComputadorHKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION<\/li>\n<\/ol>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>Excel.exe<\/li>\n<li>Graph.exe<\/li>\n<li>MSAccess.exe<\/li>\n<li>MSPub.exe<\/li>\n<li>PowerPoint.exe<\/li>\n<li>Visio.exe<\/li>\n<li>WinProj.exe<\/li>\n<li>WinWord.exe<\/li>\n<li>Wordpad.exe<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p style=\"padding-left: 40px;\"><strong>Observa\u00e7\u00e3o: <\/strong>A Microsoft fornece um aviso de que, embora essas configura\u00e7\u00f5es de registro possam atenuar a explora\u00e7\u00e3o,\u00a0 elas tamb\u00e9m podem afetar a funcionalidade regular de determinados casos de uso relacionados a esses aplicativos. Portanto, \u00e9 importante fazer testes antes de implementar as altera\u00e7\u00f5es de forma ampla.<\/p>\n<h2>Como mitigar o CVE-2023-36884\u00a0usando o PowerShell<\/h2>\n<p>Para aqueles que est\u00e3o no terceiro grupo e consideram fazer as altera\u00e7\u00f5es no registro,\u00a0nosso engenheiro de produtos de software Kyle Bohlander criou o seguinte script que automatizar\u00e1 esse processo. A utiliza\u00e7\u00e3o desse script com o Ninja (ou o <a href=\"https:\/\/www.g2.com\/categories\/remote-monitoring-management-rmm\" target=\"_blank\" rel=\"noopener\">RMM de<\/a> sua <a href=\"https:\/\/www.g2.com\/categories\/remote-monitoring-management-rmm\" target=\"_blank\" rel=\"noopener\">prefer\u00eancia<\/a>) permitir\u00e1 que voc\u00ea <a href=\"https:\/\/www.ninjaone.com\/pt-br\/patch-management\/windows\/\">implemente a atenua\u00e7\u00e3o remotamente<\/a> e <a href=\"https:\/\/www.ninjaone.com\/webinar\/secrets-to-painless-patching-at-scale\/\">em escala<\/a>.<\/p>\n<p><strong>Observa\u00e7\u00e3o:<\/strong> Esse script n\u00e3o se limita apenas aos usu\u00e1rios do NinjaOne. Ele pode ser usado por qualquer pessoa. No entanto, conforme recomendado pela Microsoft, essa corre\u00e7\u00e3o deve ser implementada em m\u00e1quinas de teste antes de uma implementa\u00e7\u00e3o mais ampla. Como de costume, se voc\u00ea optar por execut\u00e1-lo, ser\u00e1 por sua pr\u00f3pria conta e risco.<\/p>\n<p><strong>Requisitos do dispositivo: <\/strong>Funciona nos sistemas Windows 7 e Windows Server 2008 e superiores.<\/p>\n<p><strong>Se voc\u00ea precisar reverter:<\/strong> As configura\u00e7\u00f5es da chave do registro podem ser desfeitas com o par\u00e2metro -Undo ou aplicadas a produtos espec\u00edficos do Office usando o par\u00e2metro -OfficeProducts.<\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><img decoding=\"async\" class=\"alignleft size-thumbnail wp-image-162511\" src=\"https:\/\/www.ninjaone.com\/wp-content\/uploads\/2023\/10\/kyle-bohlander.png\" alt=\"\" width=\"80\" height=\"80\" \/>Autor do roteiro: <strong><a href=\"https:\/\/www.linkedin.com\/in\/kyle-bohlander\/\" target=\"_blank\" rel=\"noopener\">Kyle Bohlander<\/a>, engenheiro de produtos de software da NinjaOne<\/strong><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/go.ninjaone.com\/l\/652283\/2023-07-13\/4dhscy\/652283\/1689270503D3a9HKAS\/CVE_2023_36844.ps1\" target=\"_blank\" rel=\"noopener\">Fa\u00e7a o download do arquivo de script aqui<\/a>.<br \/>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\">&lt;#\r\n.SYNOPSIS\r\n    This script will set the registry keys required to remediate CVE-2023-36884. Please note that these keys may effect regular functionality of Microsoft Office Products. \r\n    These changes can be undone with the -Undo parameter or applied only to specific office products using the -OfficeProducts parameter.\r\n.DESCRIPTION\r\n    This script will set the registry keys required to remediate CVE-2023-36884. Please note that these keys may effect regular functionality of Microsoft Office Products. \r\n    These changes can be undone with the -Undo parameter or applied only to specific office products using the -OfficeProducts parameter.\r\n.EXAMPLE\r\n    (No Parameters)\r\n    \r\n    Visio was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONVisio.exe to 1\r\n    Success!\r\n    Word was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONWinWord.exe to 1\r\n    Success!\r\n    Wordpad was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONWordpad.exe to 1\r\n    Success!\r\n    Project was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONWinProj.exe to 1\r\n    Success!\r\n    PowerPoint was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONPowerPoint.exe to 1\r\n    Success!\r\n    Excel was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONExcel.exe to 1\r\n    Success!\r\n    Publisher was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONMsPub.exe to 1\r\n    Success!\r\n    Graph was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONGraph.exe to 1\r\n    Success!\r\n    Access was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONMSAccess.exe to 1\r\n    Success!\r\n\u200b\r\nPARAMETER: -Undo\r\n    Remove's the registry keys used for this fix (if they're set at all).\r\n.EXAMPLE\r\n    -Undo\r\n    \r\n    Visio was selected for remediation.\r\n    Succesfully removed registry key!\r\n    Word was selected for remediation.\r\n    Succesfully removed registry key!\r\n    Wordpad was selected for remediation.\r\n    Succesfully removed registry key!\r\n    Project was selected for remediation.\r\n    Succesfully removed registry key!\r\n    PowerPoint was selected for remediation.\r\n    Succesfully removed registry key!\r\n    Excel was selected for remediation.\r\n    Succesfully removed registry key!\r\n    Publisher was selected for remediation.\r\n    Succesfully removed registry key!\r\n    Graph was selected for remediation.\r\n    Succesfully removed registry key!\r\n    Access was selected for remediation.\r\n    Succesfully removed registry key!\r\n\u200b\r\nPARAMETER: -OfficeProducts \"Excel,Word\"\r\n    Set's the registry key for only those products. Can be given an individual product or a comma seperated list. Can also be used in combination with the -Undo parameter Ex. \"Publisher\" or \"Word,Excel,Access\"\r\n.EXAMPLE\r\n    -OfficeProducts \"Excel,Word\"\r\n    \r\n    Word was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONWinWord.exe to 1\r\n    Success!\r\n    Excel was selected for remediation.\r\n    Set Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATIONExcel.exe to 1\r\n    Success!\r\n\u200b\r\n.OUTPUTS\r\n    None\r\n.NOTES\r\n    General notes\r\n#&gt;\r\n[CmdletBinding()]\r\nparam (\r\n    [Parameter()]\r\n    [String]$OfficeProducts = \"All\",\r\n    [Parameter()]\r\n    [Switch]$Undo\r\n)\r\n\u200b\r\nbegin {\r\n\u200b\r\n    # Test's if the script is running in an elevated fashion (required for HKLM edits)\r\n    function Test-IsElevated {\r\n        $id = [System.Security.Principal.WindowsIdentity]::GetCurrent()\r\n        $p = New-Object System.Security.Principal.WindowsPrincipal($id)\r\n        $p.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)\r\n    }\r\n\u200b\r\n    # This is just to make setting regkey's easier\r\n    function Set-RegKey {\r\n        param (\r\n            $Path,\r\n            $Name,\r\n            $Value,\r\n            [ValidateSet(\"DWord\", \"QWord\", \"String\", \"ExpandedString\", \"Binary\", \"MultiString\", \"Unknown\")]\r\n            $PropertyType = \"DWord\"\r\n        )\r\n        if (-not $(Test-Path -Path $Path)) {\r\n            # Check if path does not exist and create the path\r\n            New-Item -Path $Path -Force | Out-Null\r\n        }\r\n        if ((Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue)) {\r\n            # Update property and print out what it was changed from and changed to\r\n            $CurrentValue = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name\r\n            try {\r\n                Set-ItemProperty -Path $Path -Name $Name -Value $Value -Force -Confirm:$false -ErrorAction Stop | Out-Null\r\n            }\r\n            catch {\r\n                Write-Error \"[Error] Unable to Set registry key for $Name please see below error!\"\r\n                Write-Error $_\r\n                exit 1\r\n            }\r\n            Write-Host \"$Path$Name changed from $CurrentValue to $($(Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name)\"\r\n        }\r\n        else {\r\n            # Create property with value\r\n            try {\r\n                New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $PropertyType -Force -Confirm:$false -ErrorAction Stop | Out-Null\r\n            }\r\n            catch {\r\n                Write-Error \"[Error] Unable to Set registry key for $Name please see below error!\"\r\n                Write-Error $_\r\n                exit 1\r\n            }\r\n            Write-Host \"Set $Path$Name to $($(Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name)\"\r\n        }\r\n    }\r\n\u200b\r\n    # All the microsoft office products with their corresponding dword value\r\n    $RemediationValues = @{ \"Excel\" = \"Excel.exe\"; \"Graph\" = \"Graph.exe\"; \"Access\" = \"MSAccess.exe\"; \"Publisher\" = \"MsPub.exe\"; \"PowerPoint\" = \"PowerPnt.exe\"; \"OldPowerPoint\" = \"PowerPoint.exe\" ; \"Visio\" = \"Visio.exe\"; \"Project\" = \"WinProj.exe\"; \"Word\" = \"WinWord.exe\"; \"Wordpad\" = \"Wordpad.exe\" }\r\n}\r\nprocess {\r\n\u200b\r\n    # Error out when not elevated\r\n    if (-not (Test-IsElevated)) {\r\n        Write-Error -Message \"Access Denied. Please run with Administrator privileges.\"\r\n        exit 1\r\n    }\r\n\u200b\r\n    # If they have a smaller selection we'll want to filter our remediation list\r\n    if ($OfficeProducts -notlike \"All\") {\r\n        $OfficeProducts = $OfficeProducts.split(',') | ForEach-Object { $_.Trim() }\r\n        $RemediationTargets = $RemediationValues.GetEnumerator() | ForEach-Object { $_ | Where-Object { $OfficeProducts -match $_.Key } }\r\n    }\r\n    else {\r\n        $RemediationTargets = $RemediationValues.GetEnumerator()\r\n    }\r\n\u200b\r\n    # Path to all the registry keys\r\n    $Path = \"Registry::HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftInternet ExplorerMainFeatureControlFEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION\"\r\n\u200b\r\n    # We'll want to display an error if we don't have anything to do\r\n    if ($RemediationTargets) { \r\n\u200b\r\n        # For Each product we're targeting we'll set the regkey. The Set-RegKey function already checks if it was succesful and will display an error and exit if it fails\r\n        $RemediationTargets | ForEach-Object { \r\n            Write-Host \"$($_.Name) was selected for remediation.\"\r\n            if (-not $Undo) {\r\n                Set-RegKey -Path $Path -Name $_.Value -Value 1\r\n                Write-Host \"Success!\"\r\n            }\r\n            else {\r\n                # If you only applied it to certain products this will error so instead we'll hide the errors and check afterwards if the registry key is there.\r\n                Remove-ItemProperty -Path $Path -Name $_.Value -ErrorAction SilentlyContinue | Out-Null\r\n                if (Get-ItemProperty -Path $Path -Name $_.Value -ErrorAction SilentlyContinue) {\r\n                    Write-Error \"[Error] Unable to undo registry key $($_.Value)!\"\r\n                    exit 1\r\n                }\r\n                else {\r\n                    Write-Host \"Succesfully removed registry key!\"\r\n                }\r\n            }\r\n        }\r\n\u200b\r\n        Write-Warning \"A reboot may be required.\"\r\n        exit 0\r\n    }\r\n    else {\r\n        Write-Host $RemediationTargets\r\n        Write-Warning \"No products were selected! The valid value's for -OfficeProducts is listed below you can also use a comma seperated list or simply put 'All'.\"\r\n        $RemediationValues | Sort-Object Name | Format-Table | Out-String | Write-Host\r\n        Write-Error \"ERROR: Nothing to do!\"\r\n        exit 1\r\n    }\r\n}<\/pre>\n<p>&nbsp;<\/p>\n<\/p>\n","protected":false},"author":28,"featured_media":140561,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_lmt_disableupdate":"no","_lmt_disable":""},"operating_system":[4212],"use_cases":[12457],"class_list":["post-805170","script_hub","type-script_hub","status-publish","has-post-thumbnail","hentry","script_hub_category-windows"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/script_hub\/805170","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/script_hub"}],"about":[{"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/types\/script_hub"}],"author":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/users\/28"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/comments?post=805170"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/media\/140561"}],"wp:attachment":[{"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/media?parent=805170"}],"wp:term":[{"taxonomy":"script_hub_category","embeddable":true,"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/operating_system?post=805170"},{"taxonomy":"use_cases","embeddable":true,"href":"https:\/\/www.ninjaone.com\/pt-br\/wp-json\/wp\/v2\/use_cases?post=805170"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}