{"id":51750,"date":"2017-08-18T16:26:18","date_gmt":"2017-08-18T08:26:18","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=51750"},"modified":"2017-08-18T16:46:31","modified_gmt":"2017-08-18T08:46:31","slug":"cve-2017-0199%ef%bc%9a%e6%96%b0%e7%9a%84%e6%83%a1%e6%84%8f%e8%bb%9f%e9%ab%94%e6%94%bb%e6%93%8apowerpoint%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=51750","title":{"rendered":"CVE-2017-0199\uff1a\u65b0\u7684\u60e1\u610f\u8edf\u9ad4\u653b\u64caPowerPoint\u6f0f\u6d1e"},"content":{"rendered":"

CVE-2017-0199 \u539f\u672c\u662f\u500b\u9060\u7aef\u57f7\u884c\u7a0b\u5f0f\u78bc\u7684\u96f6\u6642\u5dee\u6f0f\u6d1e\uff0c\u8b93\u653b\u64ca\u8005\u53ef\u4ee5\u7528\u4f86\u653b\u64ca\u5fae\u8edfOffice\u7684Windows\u7269\u4ef6\u9023\u7d50\u8207\u5d4c\u5165\uff08OLE\uff09\u4ecb\u9762\u4ee5\u6563\u64ad\u60e1\u610f\u8edf\u9ad4\u3002\u5b83\u901a\u5e38\u5229\u7528\u7684\u662f\u60e1\u610fRTF\u6587\u4ef6\uff0c\u4e5f\u5c31\u662f\u4eca\u5e74\u521d\u88abDRIDEX\u9280\u884c\u6728\u99ac<\/a>\u6240\u5229\u7528\u7684\u65b9\u5f0f\u3002<\/p>\n

<\/p>\n

\u8da8\u52e2\u79d1\u6280<\/a>\u6700\u8fd1\u770b\u5230\u4e86\u65b0\u6a23\u672c\uff08\u8da8\u52e2\u79d1\u6280\u5075\u6e2c\u70baTROJ_CVE20170199.JVU\uff09\u6703\u7528\u65b0\u7684\u65b9\u6cd5\uff08\u5229\u7528PowerPoint\u64ad\u653e\u6a21\u5f0f\uff09\u4f86\u5229\u7528CVE-2017-0199\u6f0f\u6d1e\uff0c\u9019\u662f\u6211\u5011\u7b2c\u4e00\u6b21\u770b\u5230\u6709\u5be6\u969b\u7684\u75c5\u6bd2\u5229\u7528\u9019\u65b9\u6cd5\u3002\u9019\u4e26\u975eCVE-2017-0199\u7b2c\u4e00\u6b21\u88ab\u5229\u7528\uff0c\u672c\u6587\u5c07\u5206\u6790\u9019\u500b\u65b0\u653b\u64ca\u624b\u6cd5,\u63d0\u4f9b\u5c0d\u6b64\u6f0f\u6d1e\u66f4\u52a0\u6df1\u5165\u7684\u898b\u89e3\uff0c\u85c9\u6b64\u4e86\u89e3\u6b64\u6f0f\u6d1e\u5728\u672a\u4f86\u53ef\u80fd\u5982\u4f55\u88ab\u5176\u4ed6\u653b\u64ca\u6d3b\u52d5\u88ab\u5229\u7528\u3002<\/p>\n

 <\/p>\n

\u6280\u8853\u5206\u6790<\/em><\/strong><\/p>\n

\"Figure<\/p>\n

\u57161<\/em>\uff1aTROJ_CVE20170199.JVU<\/em>\u611f\u67d3\u6d41\u7a0b<\/em><\/p>\n

\u507d\u88dd\u751f\u610f\u5925\u4f34\u7684\u767c\u9001\u7db2\u8def\u91e3\u9b5a\u96fb\u5b50\u90f5\u4ef6<\/strong><\/p>\n

\u6f0f\u6d1e\u653b\u64ca\u78bc\u662f\u4ee5\u9b5a\u53c9\u5f0f\u91e3\u9b5a\u653b\u64ca\uff08SPEAR PHISHING\uff09<\/a>\u9644\u4ef6\u7684\u65b9\u5f0f\u62b5\u9054\uff0c\u507d\u7a31\u4f86\u81ea\u96fb\u7dda\u5ee0\u5546\uff0c\u5be6\u969b\u4e0a\u5247\u662f\u6703\u690d\u5165\u4e00\u500b\u9060\u7aef\u5b58\u53d6\u5de5\u5177\u3002\u9019\u500b\u507d\u88dd\u662f\u6709\u539f\u56e0\u7684\uff0c\u56e0\u70ba\u9019\u4e9b\u653b\u64ca\u4e3b\u8981\u662f\u91dd\u5c0d\u96fb\u5b50\u88fd\u9020\u76f8\u95dc\u7684\u516c\u53f8\u3002\u6211\u5011\u76f8\u4fe1\u91dd\u5c0d\u6027\u653b\u64ca\/\u9396\u5b9a\u76ee\u6a19\u653b\u64ca(Targeted attack )<\/a>\u6703\u507d\u88dd\u751f\u610f\u5925\u4f34\u7684\u96fb\u5b50\u90f5\u4ef6\u5730\u5740\u4f86\u5bc4\u9001\u90f5\u4ef6\u3002<\/p>\n

 <\/p>\n

\u90f5\u4ef6\u6a23\u672c\u5167\u5bb9\u5982\u4e0b\uff1a<\/p>\n

\"Figure<\/p>\n

\u57162<\/em>\uff1a\u9b5a\u53c9\u5f0f\u91e3\u9b5a\u90f5\u4ef6\u6a23\u672c<\/em><\/p>\n

 <\/p>\n

\u96d6\u7136\u96fb\u5b50\u90f5\u4ef6\u672c\u8eab\u6709\u63d0\u5230\u8a02\u55ae\u8acb\u6c42\uff0c\u4f46\u6536\u5230\u90f5\u4ef6\u7684\u4f7f\u7528\u8005\u770b\u4e0d\u5230\u5546\u696d\u6587\u4ef6\uff0c\u800c\u662f\u6703\u770b\u5230\u4e00\u500bPPSX\u6a94\u6848\uff0c\u9ede\u64ca\u5f8c\u6703\u986f\u793a\u5982\u4e0b\uff1a<\/p>\n

\"Figure<\/p>\n

\u57163<\/em>\uff1a\u5229\u7528CVE-2017-0199<\/em>\u6f0f\u6d1e\u7684PPSX<\/em>\u6a94\u6848\u622a\u5716<\/em><\/p>\n

 <\/p>\n

\u4e00\u65e6\u958b\u555f\u60e1\u610fPowerPoint\u6a94\u6848\uff0c\u5b83\u6703\u986f\u793a\u6587\u5b57\u201cCVE-2017-8570\u201d\uff0c\u9019\u662f\u53e6\u4e00\u500b\u4e0d\u540c\u7684\u5fae\u8edfOffice\u6f0f\u6d1e\u3002\u4e0d\u904e\u6839\u64da\u6211\u5011\u7684\u5206\u6790\uff0c\u5b83\u5be6\u969b\u4e0a\u653b\u64ca\u7684\u662fCVE-2017-0199\u3002\u9019\u662f\u653b\u64ca\u5957\u4ef6\u958b\u767c\u8005\u6240\u7559\u4e0b\u4f86\u7684\u932f\u8aa4\uff0c\u800c\u90f5\u4ef6\u5bc4\u9001\u8005\u4e26\u6c92\u6709\u53bb\u66f4\u6b63\u5b83\u3002<\/p>\n

\u9019\u6a94\u6848\u6703\u89f8\u767c ppt\/slides\/_rels\/slide1[.]xml[.]rels<\/em>\u5167\u7684\u8173\u672c\u3002\u6f0f\u6d1e\u653b\u64ca\u78bc\u6703\u57f7\u884c\u5728hxxp:\/\/192[.]166[.]218[.]230:3550\/logo[.]doc<\/em>\u7684\u9060\u7aef\u7a0b\u5f0f\u78bc\uff0c\u9019\u662f\u653b\u64ca\u8005\u6240\u5229\u7528\u7684VPN\u6216\u4ee3\u7ba1\u670d\u52d9\u3002<\/p>\n

\"Figure<\/p>\n

\u57164<\/em>\uff1a\u5167\u5d4c\u5728PPT\/slides\/_rels\/slide1.xml.rels<\/em>\u6703\u9023\u7d50\u9060\u7aef\u60e1\u610f\u7a0b\u5f0f\u78bc\u7684\u60e1\u610f\u8173\u672c\u3002<\/em><\/p>\n

 <\/p>\n

\u4e00\u65e6\u57f7\u884c\u9019\u6a23\u672c\uff0cPowerPoint\u5c07\u521d\u59cb\u5316\u8173\u672c\u4e26\u900f\u904ePowerPoint\u64ad\u653e\u6a21\u5f0f\u7684\u52d5\u756b\u529f\u80fd\u4f86\u57f7\u884c\u9060\u7aef\u60e1\u610f\u7a0b\u5f0f\u78bc\u3002<\/p>\n

\u6839\u64da\u4e0b\u9762\u7684\u622a\u5716\uff0c\u6211\u5011\u53ef\u4ee5\u770b\u5230\u5728\u8a72\u6f0f\u6d1e\u88ab\u653b\u64ca\u6210\u529f\u5f8c\uff0c\u5b83\u6703\u5f9e\u7db2\u8def\u4e0b\u8f09\u6a94\u6848logo.doc\uff08\u8da8\u52e2\u79d1\u6280\u5075\u6e2c\u70baJS_DLOADER.AUSYVT\uff09\u3002<\/p>\n

\"Figure<\/p>\n

\u57165<\/em>\uff1a\u6210\u529f\u4e0b\u8f09logo.doc<\/em>\u6a94\u6848<\/em><\/p>\n

\"Figure<\/p>\n

\u57166<\/em>\uff1alogo.doc<\/em>\u4e26\u4e0d\u662fdoc<\/em>\u6587\u4ef6\uff0c\u800c\u662f\u6703\u4e0b\u8f09RATMAN.EXE<\/em>\u7684XML<\/em><\/p>\n

 <\/p>\n

\u9019\u500blogo.doc\u6a94\u6848\u5176\u5be6\u662f\u5e36\u6709JavaScript\u7a0b\u5f0f\u78bc\u7684XML\u6a94\u6848\uff0c\u6703\u57f7\u884cPowerShell\u547d\u4ee4\u53bb\u4e0b\u8f09\u4e26\u57f7\u884c\u6a94\u6848 \u2013 RATMAN.EXE\uff08\u8da8\u52e2\u79d1\u6280\u6aa2\u6e2c\u70baBKDR_RESCOMS.CA\uff09\u3002\u9019\u53ef\u57f7\u884c\u6a94\u5be6\u969b\u4e0a\u662f\u4f86\u81ea\u547d\u4ee4\u8207\u63a7\u5236\uff08C&C\uff09\u4f3a\u670d\u5668\u7684\u6728\u99ac\u5316REMCOS\u9060\u7aef\u5b58\u53d6\u5de5\u5177\uff08RAT\uff09<\/a>\uff1ahxxp:\/\/192[.]166[.]218[.]230:3550\/ratman[.]exe<\/em>\uff0c\u9019IP\u4f4d\u5728\u6ce2\u862d\u3002192[.]166[.]218[.]230<\/em>\u4e5f\u4ee3\u7ba1\u4e86\u5176\u4ed6\u7684\u9060\u7aef\u5b58\u53d6\u5de5\u5177\u3002RATMAN.EXE\u63a5\u8457\u6703\u9023\u5230\u4f4d\u57285[.]134[.]116[.]146:3550<\/em>\u7684C&C\u4f3a\u670d\u5668\u4f86\u7e7c\u7e8c\u57f7\u884c\u3002<\/p>\n

 <\/p>\n

\u6aa2\u8996Ratman.EXE<\/em><\/strong>\uff08\u53c8\u7a31REMCOS RAT<\/em><\/strong>\uff09<\/em><\/strong><\/p>\n

REMCOS RAT\u539f\u672c\u662f\u5408\u6cd5\u4e14\u53ef\u5ba2\u88fd\u5316\u7684\u9060\u7aef\u5b58\u53d6\u5de5\u5177\uff0c\u53ef\u4ee5\u8b93\u4f7f\u7528\u8005\u5f9e\u4e16\u754c\u4e0a\u7684\u4efb\u4f55\u5730\u65b9\u4f86\u63a7\u5236\u7cfb\u7d71\u3002\u4e00\u65e6\u57f7\u884c\u4e86REMCOS\uff0c\u5c31\u53ef\u4ee5\u8b93\u4f7f\u7528\u8005\u5728\u7cfb\u7d71\u4e0a\u57f7\u884c\u9060\u7aef\u547d\u4ee4\u3002\u8a72\u5de5\u5177\u7684\u529f\u80fd\u53ef\u4ee5\u5f9e\u4e0b\u9762\u7684\u4e3b\u63a7\u53f0\u622a\u5716\u770b\u51fa\uff0c\u8b93\u6211\u5011\u53ef\u4ee5\u60f3\u50cf\u5f97\u51fa\u9019\u6771\u897f\u4e00\u65e6\u9032\u5165\u4f7f\u7528\u8005\u7cfb\u7d71\u80fd\u5920\u505a\u4ec0\u9ebc\u3002\u9019\u5de5\u5177\u5177\u5099\u76f8\u7576\u5168\u9762\u7684\u529f\u80fd\uff0c\u5305\u62ec\u4e0b\u8f09\u548c\u57f7\u884c\u547d\u4ee4\u3001\u9375\u76e4\u5074\u9304\u3001\u87a2\u5e55\u5074\u9304\u4ee5\u53ca\u4f7f\u7528\u7db2\u8def\u651d\u5f71\u6a5f\u548c\u9ea5\u514b\u98a8\u4f86\u9304\u97f3\u9304\u5f71\u3002<\/p>\n

\"Figure<\/p>\n

\u57167<\/em>\uff1aREMCOS RAT<\/em>\u4e3b\u63a7\u53f0\u622a\u5716<\/em><\/p>\n

 <\/p>\n

\u96d6\u7136REMCOS\u901a\u5e38\u53ea\u7528UPX\u548cMPRESS\u58d3\u7e2e\uff0c\u6211\u5011\u6240\u6536\u96c6\u5230\u7684\u6728\u99ac\u6a23\u672c\u4f7f\u7528\u4e86\u672a\u77e5\u7684.NET\u4fdd\u8b77\uff0c\u5b83\u63d0\u4f9b\u6578\u7a2e\u4fdd\u8b77\u548c\u6df7\u6dc6\u80fd\u529b\uff0c\u8b93\u7814\u7a76\u4eba\u54e1\u66f4\u96e3\u53bb\u9032\u884c\u9006\u5411\u5de5\u7a0b\u3002<\/p>\n

\"Figure<\/p>\n

\u57168<\/em>\uff1a\u6a23\u672c\u5167\u6df7\u6dc6\u904e\u7684\u7a0b\u5f0f\u78bc<\/em><\/p>\n

 <\/p>\n

\u89e3\u958b\u6a23\u672c\u5f8c\uff0c\u88e1\u9762\u51fa\u73fe\u7684\u5b57\u4e32\u986f\u793a\u5176\u539f\u672c\u57fa\u65bc\u7684REMCOS\u5ba2\u6236\u7aef\u7248\u672c\u3002<\/p>\n

\"Figure<\/p>\n

\u57169<\/em>\uff1a\u89e3\u958b\u5f8c\u7684\u6a23\u672c\u5b57\u4e32<\/em><\/p>\n

 <\/p>\n

REMCOS\u4f7f\u7528\u52a0\u5bc6\u901a\u8a0a\uff0c\u5305\u62ec\u7528\u4f86\u8a8d\u8b49\u7684\u5167\u5efa\u5bc6\u78bc\u548c\u7db2\u8def\u6d41\u91cf\u52a0\u5bc6\u3002\u56e0\u6b64\uff0c\u70ba\u4e86\u8b93RATMAN.EXE\u8207\u5176\u5ba2\u6236\u7aef\u9032\u884c\u901a\u8a0a\uff0c\u5c31\u5fc5\u9808\u8a2d\u5b9a\u5c0d\u61c9\u7684\u7aef\u53e3\u548c\u5bc6\u78bc\u3002<\/p>\n

\"Figure<\/p>\n

\u571610<\/em>\uff1a\u4f7f\u7528REMCOM RAT<\/em>\u5de5\u5177<\/em><\/p>\n

 <\/p>\n

\u6700\u5f8c\uff0c\u4f7f\u7528\u9019\u65b0\u7684\u624b\u6cd5\u662f\u57fa\u65bc\u5be6\u7528\u8003\u616e\uff1b\u56e0\u70ba\u5927\u591a\u6578\u91dd\u5c0dCVE-2017-0199\u7684\u5075\u6e2c\u65b9\u5f0f\u8457\u91cd\u5728RTF\u653b\u64ca\u6a21\u5f0f\uff0c\u5229\u7528\u65b0\u8f09\u9ad4\uff08PPSX\u6a94\u6848\uff09\u53ef\u4ee5\u8b93\u653b\u64ca\u8005\u8eb2\u907f\u9632\u6bd2\u8edf\u9ad4\u5075\u6e2c\u3002<\/p>\n

 <\/p>\n

\u5efa\u8b70\u4f5c\u6cd5\u548c\u8da8\u52e2\u79d1\u6280\u7684\u89e3\u6c7a\u65b9\u6848<\/em><\/strong><\/p>\n

\u9019\u985e\u7684\u6848\u4f8b\u5f37\u8abf\u4e86\u4f7f\u7528\u8005\u5728\u958b\u555f\u90f5\u4ef6\u5167\u7684\u6a94\u6848\u6216\u9023\u7d50\u6642\u8981\u7279\u5225\u5c0f\u5fc3\u8b39\u614e\uff0c\u5373\u4f7f\u770b\u4f3c\u4f86\u81ea\u6b63\u5e38\u7684\u4f86\u6e90\u3002\u9b5a\u53c9\u5f0f\u7db2\u8def\u91e3\u9b5a\u7684\u624b\u6cd5\u53ef\u80fd\u76f8\u7576\u8907\u96dc\uff0c\u800c\u4e14\u5c31\u5982\u6b64\u4f8b\u4e2d\u6240\u770b\u5230\uff0c\u53ef\u4ee5\u8a98\u9a19\u5927\u591a\u6578\u7684\u4f7f\u7528\u8005\u4e0b\u8f09\u60e1\u610f\u6a94\u6848\u3002\u90e8\u7f72\u5c0d\u6297\u91e3\u9b5a\u5f0f\u653b\u64ca\u7684\u5408\u9069\u89e3\u6c7a\u6280\u8853<\/a>\u53ef\u4ee5\u8b93\u4f7f\u7528\u8005\u505a\u4e00\u958b\u59cb\u5c31\u5c01\u9396\u4f4f\u60e1\u610f\u8edf\u9ad4\u6240\u5229\u7528\u7684\u96fb\u5b50\u90f5\u4ef6\u3002<\/p>\n

\u4f7f\u7528\u8005\u4e5f\u61c9\u8a72\u8981\u6301\u7e8c\u4fee\u88dc\u7cfb\u7d71\u8207\u5b89\u88dd\u5b89\u5168\u66f4\u65b0\u3002\u56e0\u70ba\u5fae\u8edf\u5df2\u7d93\u65bc\u56db\u6708\u4fee\u88dc\u4e86\u9019\u500b\u6f0f\u6d1e\uff0c\u6240\u4ee5\u5df2\u7d93\u66f4\u65b0\u4fee\u88dc\u7a0b\u5f0f\u7684\u4f7f\u7528\u8005\u5728\u9762\u5c0d\u6b64\u653b\u64ca\u6642\u662f\u5b89\u5168\u7684\u3002<\/p>\n

\u9664\u4e86\u90e8\u7f72\u6709\u6548\u7684\u7de9\u89e3\u6280\u8853\uff0c\u4f7f\u7528\u591a\u5c64\u6b21\u9632\u8b77\u6280\u8853\uff08\u5982Deep Discovery<\/a>\uff09\u53ef\u4ee5\u5373\u6642\u5075\u6e2c\u3001\u6df1\u5165\u5206\u6790\u4e26\u4e3b\u52d5\u56de\u61c9\u73fe\u4eca\u7684\u96b1\u853d\u5f0f\u60e1\u610f\u8edf\u9ad4\u548c\u91dd\u5c0d\u6027\u653b\u64ca\u3002\u5b83\u63d0\u4f9b\u4f01\u696d\u91cf\u8eab\u6253\u9020\u7684\u9632\u79a6\u80fd\u529b\uff0c\u900f\u904e\u7279\u88fd\u5f15\u64ce\u3001\u5ba2\u88fd\u5316\u6c99\u7bb1<\/a>\u548c\u7121\u7e2b\u95dc\u806f\u6280\u8853\u4f86\u8de8\u8d8a\u6574\u500b\u653b\u64ca\u751f\u547d\u9031\u671f\u5c0d\u6297\u91dd\u5c0d\u6027\u653b\u64ca\u548c\u9032\u968e\u5a01\u8105\u3002<\/p>\n

\u8da8\u52e2\u79d1\u6280Deep Security<\/a>\u548c\u8da8\u52e2\u79d1\u6280 Vulnerability Protection \u6f0f\u6d1e\u9632\u8b77<\/a>\u63d0\u4f9b\u865b\u64ec\u4fee\u88dc\u6280\u8853<\/a>\uff0c\u53ef\u4ee5\u4fdd\u8b77\u7aef\u9ede\u5c0d\u6297\u6f0f\u6d1e\u653b\u64ca\u5a01\u8105\u3002\u8da8\u52e2\u79d1\u6280 OfficeScan<\/a>\u2122\u7684Vulnerability Protection\u4fdd\u8b77\u7aef\u9ede\u5c0d\u6297\u5df2\u77e5\u548c\u672a\u77e5\u7684\u6f0f\u6d1e\u653b\u64ca\uff0c\u751a\u81f3\u5728\u4fee\u88dc\u7a0b\u5f0f\u90e8\u7f72\u4e4b\u524d\u3002<\/p>\n

 <\/p>\n

@\u539f\u6587\u51fa\u8655\uff1aCVE-2017-0199: New Malware Abuses PowerPoint Slide Show<\/a> \u4f5c\u8005\uff1a \u8da8\u52e2\u79d1\u6280<\/a>\uff08Ronnie Giagone\u548cRubio Wu\uff09<\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

CVE-2017-0199 \u539f\u672c\u662f\u500b\u9060\u7aef\u57f7\u884c\u7a0b\u5f0f\u78bc\u7684\u96f6\u6642\u5dee\u6f0f\u6d1e\uff0c\u8b93\u653b\u64ca\u8005\u53ef\u4ee5\u7528\u4f86\u653b\u64ca\u5fae\u8edfOffice\u7684Wind […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[1268,156,46],"tags":[3451,2344,2292],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/51750"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=51750"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/51750\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=51750"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=51750"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=51750"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}