Be careful: Has this Access file lost its digital signature, or has it never been signed?
In general, when you receive a digitally signed file from a trusted entity, you can feel reasonably confident the file is safe. This is primarily due to two things:
- To digitally sign a file, you must have what is known as the "private key" for the signature — the private key allows you to add its unique signature to a file.
- Thus, if someone without the private key changes a signed file by making potentially dangerous changes, such as adding or altering code, macros, or expressions, the digital signature will become invalid and will be removed from the file.
Caution At the Medium macro security level in Access, when you open a digitally signed file that has lost its signature, the standard security warning message for the Medium level will be displayed (see the picture on the left), as if the file had never been signed at all. Remember to exercise great care when you consider opening any file that's not signed. At the High macro security level, you simply won't be able to open the file because it no longer has a signature.
Before you open a file that has lost its signature, you should exercise extreme caution: You can run a virus scan, notify the publisher that the signature for the file is no longer valid, or retrieve a backup version of the file. It's then up to you whether to open the file. If you do decide to open the file, you should examine all objects and VBA modules, macros, or expressions for any suspicious code.
In summary, at the Medium and High macro security levels, when you open a file that has a digital signature from a trusted publisher, you won't be prompted with any security warnings. If you do see a warning, this indicates the file may have been changed by an unauthorized party or corrupted.
It's often said that no one is an island. We recommend that you operate at the High macro security level. If you need to work with unsigned files from other sources, you can use the Medium macro security level to do that; however, you should always examine such files and sources carefully before choosing to enable any macros, and change back to High when you no longer need to use the Medium macro security level. At the Medium macro security level, when you open a file with a signature that you have not yet added as a trusted publisher, the warning message from Access should cause you to think about which files you can trust.
