Change the Outlook security level for macro virus protection

To protect your computer against macro (macro: An action or a set of actions that you can use to automate tasks. Macros are recorded in the Visual Basic for Applications programming language.) viruses, the default security level in Microsoft Outlook is High. Also, be sure to use an up-to-date antivirus program.

You can change the security level by using this procedure unless your administrator has already implemented a security level for your organization and has made the other level options unavailable.

  1. On the Tools menu, point to Macro, and then click Security.
  2. Click the option you you need.

ShowVery High

Only macros installed in trusted locations will be allowed to run. All other signed and unsigned macros are disabled. You can disable all macros entirely by setting your security level to Very High and disabling macros installed in trusted locations. To disable macros installed in trusted locations, click Tools, then select Macro and Security, and then click on the Trusted Publisher tab and “uncheck” the Trust all installed add-ins and templates option.

 Note   This also disables all Com Add-ins and Smart Tag .DLLs as well as macros.

ShowHigh

Unsigned macros

Macros are automatically disabled, and the file is opened.

Signed macros

The source of the macro and the status of the signature (digital signature: An electronic, encryption-based, secure stamp of authentication on a macro or document. This signature confirms that the macro or document originated from the signer and has not been altered.) determine how signed macros are handled.

ShowA trusted source. Signature is valid.

Macros are automatically enabled, and the file is opened.

ShowAn unknown author. Signature is valid.

A dialog box is displayed with information about the certificate (digital certificate: Attachment for a file, macro project, or e-mail message that vouches for authenticity, provides secure encryption, or supplies a verifiable signature. To digitally sign macro projects, you must install a digital certificate.). Macros can be enabled only if the user chooses to trust the author and certification authority. A network administrator can lock the list of trusted sources and prevent the user from adding the developer to the list and enabling the macros.

ShowAny author. Signature is invalid, possibly because of a virus.

User is warned of a possible virus. Macros are automatically disabled.

ShowAny author. Signature validation is not possible because public key is missing or incompatible encryption methods were used.

User is warned that signature validation is not possible. Macros are automatically disabled.

ShowAny author. The signature was made after the certificate had expired or had been revoked.

User is warned that the signature has expired or been revoked. Macros are automatically disabled.

ShowMedium

Unsigned macros

User is prompted to enable or disable macros.

Signed macros

The source of the macro and the status of the signature (digital signature: An electronic, encryption-based, secure stamp of authentication on a macro or document. This signature confirms that the macro or document originated from the signer and has not been altered.) determine how signed macros are handled.

ShowA trusted source. Signature is valid.

Macros are automatically enabled, and the file is opened.

ShowAn unknown author. Signature is valid.

A dialog box is displayed with information about the certificate. The user is prompted to enable or disable macros. The user can choose to trust the developer and certification authority.

ShowAny author. Signature is invalid, possibly because of a virus.

User is warned of a possible virus. Macros are automatically disabled.

ShowAny author. Signature validation is not possible because public key is missing or incompatible encryption methods were used.

User is warned that signature validation is not possible. User is prompted to enable or disable macros.

ShowAny author. The signature was made after the certificate had expired or had been revoked.

User is warned that the signature has expired or been revoked. User is prompted to enable or disable macros.

ShowLow

When security it set to low, all macros are treated equally regardless of origin or certificate status. With low security, you receive no prompt or signature validation and macros are automatically enabled. Use this setting only if you are certain that all macros in your files are from trusted sources.

 Note   In Microsoft Office 2003 or later, a component checks all XML files that have references to XSL files for script that could be unsafe. If macro security is set to High, running this script is disabled. If macro security is set to Medium, the user is asked whether or not to run script in XSL files. If macro security is set to Low, the script is run.

 
 
Applies to:
Outlook 2003