Macro security levels

The following information summarizes how macro (macro: An action or a set of actions that you can use to automate tasks. Macros are recorded in the Visual Basic for Applications programming language.) virus protection works under each setting on the Security Level tab in the Security dialog box (Tools menu, Macro submenu) under different conditions. Under all settings, if antivirus software that works with Microsoft Office 2003 is installed and the file contains macros, the file is scanned for known viruses (virus: A computer program or macro that "infects" computer files by inserting copies of itself into those files. When the infected file is loaded into memory, the virus can infect other files. Viruses often have harmful side effects.) before it is opened.

Security  Because macros can contain viruses, be careful about running them. Take the following precautions: run up-to-date antivirus software on your computer; set your macro security level to high; clear the Trust all installed add-ins and templates check box; use digital signatures; maintain a list of trusted publishers.

ShowVery High

Only macros installed in trusted locations will be allowed to run. All other signed and unsigned macros are disabled. You can disable all macros entirely by setting your security level to Very High and disabling macros installed in trusted locations. To disable macros installed in trusted locations, click Tools, then select Macro and Security, and then click on the Trusted Publisher tab and “uncheck” the Trust all installed add-ins and templates option.

 Note   This also disables all COM Add-ins and Smart Tag .DLLs as well as macros.

ShowHigh

Unsigned macros

Macros are automatically disabled, and the file is opened.

Signed macros

The source of the macro and the status of the signature (digital signature: An electronic, encryption-based, secure stamp of authentication on a macro or document. This signature confirms that the macro or document originated from the signer and has not been altered.) determine how signed macros are handled.

ShowA trusted source. Signature is valid.

Macros are automatically enabled, and the file is opened.

ShowAn unknown author. Signature is valid.

A dialog box is displayed with information about the certificate (digital certificate: Attachment for a file, macro project, or e-mail message that vouches for authenticity, provides secure encryption, or supplies a verifiable signature. To digitally sign macro projects, you must install a digital certificate.). Macros can be enabled only if the user chooses to trust the author and certification authority. A network administrator can lock the list of trusted sources and prevent the user from adding the developer to the list and enabling the macros.

ShowAny author. Signature is invalid, possibly because of a virus.

User is warned of a possible virus. Macros are automatically disabled.

ShowAny author. Signature validation is not possible because public key is missing or incompatible encryption methods were used.

User is warned that signature validation is not possible. Macros are automatically disabled.

ShowAny author. The signature was made after the certificate had expired or had been revoked.

User is warned that the signature has expired or been revoked. Macros are automatically disabled.

ShowMedium

Unsigned macros

User is prompted to enable or disable macros.

Signed macros

The source of the macro and the status of the signature (digital signature: An electronic, encryption-based, secure stamp of authentication on a macro or document. This signature confirms that the macro or document originated from the signer and has not been altered.) determine how signed macros are handled.

ShowA trusted source. Signature is valid.

Macros are automatically enabled, and the file is opened.

ShowAn unknown author. Signature is valid.

A dialog box is displayed with information about the certificate. The user is prompted to enable or disable macros. The user can choose to trust the developer and certification authority.

ShowAny author. Signature is invalid, possibly because of a virus.

User is warned of a possible virus. Macros are automatically disabled.

ShowAny author. Signature validation is not possible because public key is missing or incompatible encryption methods were used.

User is warned that signature validation is not possible. User is prompted to enable or disable macros.

ShowAny author. The signature was made after the certificate had expired or had been revoked.

User is warned that the signature has expired or been revoked. User is prompted to enable or disable macros.

ShowLow

When security it set to low, all macros are treated equally regardless of origin or certificate status. With low security, you receive no prompt or signature validation and macros are automatically enabled. Use this setting only if you are certain that all macros in your files are from trusted sources.

 Note   In Microsoft Office 2003 or later, a component checks all XML files that have references to XSL files for script that could be unsafe. If macro security is set to High, running this script is disabled. If macro security is set to Medium, the user is asked whether or not to run script in XSL files. If macro security is set to Low, the script is run.

Cool things you can do with Office 2010

If you purchase, install, and activate a qualifying Microsoft Office 2007 product between March 5, 2010, and September 30, 2010, you could be eligible to download Office 2010 at no additional cost.

 
 
Applies to:
Excel 2003, Outlook 2003, PowerPoint 2003, Publisher 2003, Word 2003