About macro security levels

The following information summarizes how macro (macro: An action or a set of actions that you can use to automate tasks. Macros are recorded in the Visual Basic for Applications programming language.) virus protection works under each setting on the Security Level tab in the Security dialog box (Tools menu, Macros submenu) under different conditions.

A macro virus is a type of computer virus (virus: A computer program or macro that "infects" computer files by inserting copies of itself into those files. When the infected file is loaded into memory, the virus can infect other files. Viruses often have harmful side effects.) that is stored in a macro (macro: An action or a set of actions that you can use to automate tasks. Macros are recorded in the Visual Basic for Applications programming language.) within a Microsoft Office Visio file, ActiveX control, COM add-in (add-in: A supplemental program that adds custom commands or custom features to Microsoft Office.), or Visio add-on (add-on: A program that extends the Visio application through Automation references to Visio objects, methods, and properties.).

 Note   Because macros can contain viruses, be careful about running them. Among the precautions you take, be sure to run up-to-date antivirus software on your computer, use digital signatures, and maintain a list of trusted sources of macros. Visio cannot scan a disk, disk drive, or network drive to find and delete macro viruses. If you want this kind of protection, you must purchase and install specialized antivirus software. Visio does, however, display a warning message whenever you open a document that contains macros that might contain a virus.

ShowVery High

Only macros installed in trusted locations are allowed to run. All other signed and unsigned macros are disabled. You can disable all macros entirely by setting your security level to Very High and disabling macros installed in trusted locations. To disable macros installed in trusted locations, click Tools, point to Macros, and then click Security. On the Trusted Publisher tab, clear the Trust all installed add-ins and templates check box. This disables all COM add-ins and third-party add-ons, as well as macros.

ShowHigh

Unsigned macros Macros are automatically disabled, and the file is opened.Signed macros The source of the macro and the status of the signature (digital signature: An electronic, encryption-based, secure stamp of authentication on a macro or document. This signature confirms that the macro or document originated from the signer and has not been altered.) determine how signed macros are handled.

ShowA trusted source. Signature is valid.

Macros are automatically enabled, and the file is opened.

ShowAn unknown author. Signature is valid.

A dialog box is displayed with information about the certificate (digital certificate: Attachment for a file, macro project, or e-mail message that vouches for authenticity, provides secure encryption, or supplies a verifiable signature. To digitally sign macro projects, you must install a digital certificate.). Macros can be enabled only if the user chooses to trust the author and certification authority. A network administrator can lock the list of trusted sources and prevent the user from adding the developer to the list and enabling the macros.

ShowAny author. Signature is invalid, possibly because of a virus.

User is warned of a possible virus. Macros are automatically disabled.

ShowAny author. Signature validation is not possible because public key is missing or incompatible encryption methods were used.

User is warned that signature validation is not possible. Macros are automatically disabled.

ShowAny author. The signature was made after the certificate had expired or had been revoked.

User is warned that the signature has expired or been revoked. Macros are automatically disabled.

ShowMedium

Unsigned macros User is prompted to enable or disable macros.Signed macros The source of the macro and the status of the signature (digital signature: An electronic, encryption-based, secure stamp of authentication on a macro or document. This signature confirms that the macro or document originated from the signer and has not been altered.) determine how signed macros are handled.

ShowA trusted source. Signature is valid.

Macros are automatically enabled, and the file is opened.

ShowAn unknown author. Signature is valid.

A dialog box is displayed with information about the certificate. The user is prompted to enable or disable macros. The user can choose to trust the developer and certification authority.

ShowAny author. Signature is invalid, possibly because of a virus.

User is warned of a possible virus. Macros are automatically disabled.

ShowAny author. Signature validation is not possible because public key is missing or incompatible encryption methods were used.

User is warned that signature validation is not possible. Macros are automatically disabled.

ShowAny author. The signature was made after the certificate had expired or had been revoked.

User is warned that the signature has expired or been revoked. Macros are automatically disabled.

ShowLow

When security it set to low, all macros are treated equally regardless of origin or certificate status. With low security, you receive no prompt or signature validation and macros are automatically enabled. Use this setting only if you are certain that all macros in your files are from trusted sources.