About helping protect files from macro viruses

Microsoft Office Access 2003

previous page next page

The levels of security to help reduce macro virus infection are as follow:

  • Very High This setting is not available in the Security dialog box in Microsoft Office Access 2003. It is possible, however, to use system policies to set the security level in Access to Very High. When the security level is set to Very High, Access cannot open any Access database or Access project files.
  • High You can open files that have been digitally signed and that you confirm are from a trusted source Before deciding to trust a source, you should confirm that the source is responsible and uses a virus scanner before signing macros.
  • Medium A warning is displayed whenever a file is opened from a source that is not on your list of trusted sources (described below). You can choose whether to open the database.
  • Low If you are sure that all the files and add-ins you open are safe, you can select this option. At this security level, macros are always enabled when you open files.

By default, the security level is set to Medium. If the security level is set to Medium or High, you can maintain a list of trusted macro sources. When you open a file or load an add-in that contains macros developed by any of these sources, the macros are automatically enabled.

ShowDigital signatures

A digital signature on a macro is like a wax seal on an envelope— it confirms that the macro originated from the developer who signed it and that the macro has not been altered.

When you open a file or load an add-in that contains a digitally signed macro, the digital signature appears on your computer as a certificate. The certificate names the source of the macro and provides additional information about the identity and integrity of that source. A digital signature does not necessarily guarantee the safety of a macro, so you must decide whether you trust a macro that has been digitally signed. For example, you might trust macros signed by someone you know or by a well-established company. If you are unsure about a file or an add-in that contains digitally signed macros, carefully examine the certificate before you open the file. If you know that you can always trust macros from a particular publisher or developer, you can add that publisher or developer to the list of trusted sources when you open the file or load the add-in.

You can digitally sign macros from within the Visual Basic Editor.

ShowList of trusted publishers

When you open a file that includes signed macros, you are prompted whether you want to trust all macros originating from that publisher. If you select this option, you add the certificate's owner to your list of trusted publishers. Before you decide to do this, you should review the details of the digital certificate— for example, look at the Issued to and Issued by fields to determine whether you trust its publisher, and look at the Valid from field to determine if the certificate is current. The certificate may also include details such as the e-mail name or Web site of the person who obtained the certificate.

Once you add a person (or corporation) to your list of trusted publishers, Office will enable macros signed by this trusted publisher without showing you a security warning. You can also remove entries from the list of trusted publishers.

Note  A source added to the list of trusted publishers will also be trusted in Microsoft Internet Explorer.

ShowSecurity warning information

ShowNotes about the security warning

  • The database might not be from a trusted source. If the security level is set to Medium or High, and you open a database that contains digitally signed macros that are not from a trusted source, you receive a security warning. If you are sure you trust the macro developer, add the name to the list of trusted publishers on the Trusted Publishers tab in the Security dialog box (on the Tools menu, point to Macro, and click Security).
  • The database might contain a macro virus. If you don't expect the database to contain a macro, Visual Basic for Applications (VBA) code, a form that contains an ActiveX control, a report that contains an ActiveX control, action query, data-definition query, pass-through query, or update query, you might have a virus that is adding a macro virus to the database. Check your computer for viruses, and try to get an uninfected copy of the database from the source.
  • The database contains legitimate macros, Visual Basic for Applications (VBA) code, forms that contain an ActiveX control, reports that contain an ActiveX control, action queries, data-definition queries, pass-through queries, or update queries. If you know these are legitimate and safe, you might want to digitally sign the database and then add your name to the list of trusted publishers on the Trusted Publishers tab in the Security dialog box (on the Tools menu, point to Macro, and click Security).

ShowPreventing macro security warnings

To stop displaying macro warnings, change the security level to Low on the Security Level tab (on the Tools menu, point to Macro, and click Security). To avoid a macro virus infection on your computer, change the security level to Low only if you are running specialized antivirus software that can check documents for macro viruses, and you are sure all the macros you use are from trusted sources.

ShowWhen the Security Warning dialog box tells you the source has not been authenticated

This warning appears in the Security Warning dialog box if the security level is set to High or Medium on the Security Level tab (on the Tools menu, point to Macro, and click Security), and you open a database that contains digitally signed macros but the digital certificate has not been authenticated. For example, if the database developer has created his or her own digital certificate, you receive this warning.
previous page start next page