Microsoft Office Online
Sign in to My Office Online (What's this?) | Sign in

Warning: You are viewing this page with an unsupported Web browser. This Web site works best with Microsoft Internet Explorer 6.0 or later, Firefox 1.5, or Netscape Navigator 8.0 or later. Learn more about supported browsers.
Quick Reference Card - Audio course: Sign your own macros for stronger security

Summary of macro security levels

Macro security level Trust all installed add-ins and templates check box Digitally signed From trusted sources Microsoft Excel, Microsoft PowerPoint®, and Microsoft Word will:
Very High Cleared Yes or No Yes or No Disable the add-in or macro.

Remember:   All macros, COM add-ins, and smart tag .dll files will be disabled. This may interfere with some processes in Microsoft Office.
High Cleared Yes Yes Run the add-in or macro silently.


Yes No Open the Security Warning dialog box so that you can choose to enable or disable macros.


No n/a Disable add-ins or macros.
Medium Cleared Yes Yes Run the add-in or macro silently.


Yes No Open the Security Warning dialog box so that you can choose to enable or disable macros.


No n/a Open the Security Warning dialog box so that you can choose to enable or disable macros.
Low Cleared Yes or No Yes or No Run the add-in or macro silently.

Very High, High, Medium, or Low

 Selected Yes or No Yes or No

Run all add-ins silently. Macros will be run silently if they're in the User Templates folder, Workgroup Templates folder, or Startup folder.

Other macros will be picked up according to the security settings previously described.

Note    Microsoft Access does not have a Very High macro security level.

Public and private keys

For more information about how public and private keys work, see this MSDN® article: Public/Private Key Pairs.

Set the macro security level

In Access, Excel, PowerPoint, and Word:

  1. On the Tools menu, point to Macro, and then click Security.
  2. In the Security dialog box, click the Security Level tab. Make sure that the macro security level is set to High; if it's not, consider changing it now.
  3. Click OK.

Install Digital Certificate for VBA projects (SelfCert.exe)

  1. On the taskbar, click the Start button, and then click Control Panel.
  2. Click Add or Remove Programs. (If you use Category View in Control Panel, you'll have to click Add or Remove Programs again.)
  3. Make sure that Change or Remove Programs is selected on the left, and then scroll down the page and click Microsoft Office Professional Edition 2003. Click the Change button.
  4. In Microsoft Office 2003 Setup, make sure the Add or Remove Features is selected; then click Next. Select the Choose advanced customization of applications check box; then click Next.
  5. Click the plus sign next to Office Shared Features, click the arrow next to Digital Certificate for VBA projects (SelfCert.exe), and then click Run from My Computer.
  6. Click Update. When the installation is finished, click OK.

Create a self-signed digital certificate

  1. On the taskbar, click the Start button, point to All Programs, point to Microsoft Office, point to Microsoft Office Tools, and then click Digital Certificate for VBA Projects.
  2. In the Create Digital Certificate dialog box, type a unique name in the Your certificate's name box, and then click OK.
  3. You'll see a success message. Click OK.

Sign a macro with a digital signature

In Access, Excel, PowerPoint, and Word:

  1. On the Tools menu, point to Macro, and then click Visual Basic Editor.
  2. Open the module that contains your macro. Review your code. It's always a good idea to review your code before signing it.
  3. In the Visual Basic Editor, on the Tools menu, click Digital Signature.
  4. In the Digital Signature dialog box, click Choose, click the certificate you wish to use, and then click OK.
  5. Click OK, and then, on the File menu, return to the program.

    Remember, you'll have to add the certificate to your list of trusted publishers the first time that you try to use it.

This process will sign all the macros in the file.

Digital certificates in a workgroup

There is no way to share the private key of a self-signed certificate created by using the SelfCert.exe file, so other people in your workgroup will not be able to run or use your macros at the High macro security level. If you do want this functionality, you must create a certificate by using the MakeCert.exe file instead of the SelfCert.exe file.

Visit the Office Development Center for more information about MakeCert.exe.

Warning   Sharing macros even within a group of trusted work colleagues can still be a security risk. It's important to use the same security procedures in a network that you would use with external sources. Remember, networks share viruses too.
© 2010 Microsoft Corporation. All rights reserved.