Protect against macro viruses

Microsoft Office Word 2003

  1. On the Tools menu, click Options.
  2. Click the Security tab.
  3. Under Macro Security, click Macro Security.
  4. Click the Security Level tab, and then select the security level you want to use.

ShowWarn about installed templates and add-ins that contain macros

Depending on your macro security setting, when you open a macro, you will receive a warning and the macro may be disabled for installed templates and add-ins (including wizards).

  1. On the Tools menu, click Options, and then click the Security tab.
  2. Under Macro Security, click Macro Security.
  3. Click the Trusted Publishers tab.
  4. Clear the Trust all installed add-ins and templates check box.

Note  All templates, add-ins, and macros shipped with Microsoft Office 2003 are digitally signed by Microsoft. After you add Microsoft to your list of trusted sources for one of these installed files, all subsequent interaction with these files will not generate messages.

ShowDigitally sign macros

You digitally sign a file or a macro project by using a digital certificate.

  1. If you don't already have a digital certificate, you must obtain one.

    ShowHow?

    You can obtain a digital certificate from a commercial certification authority, such as VeriSign, Inc., or from your internal security administrator or Information Technology (IT) professional. Or, you can create a digital signature yourself using the Selfcert.exe tool.

    To learn more about certification authorities that offer services for Microsoft products, see the Microsoft Security Advisor Web site.

    Note  Because a digital certificate you create yourself isn't issued by a formal certification authority, macro projects signed by using such a certificate are referred to as self-signed projects. Depending on how Microsoft Office digital-signature features are being used in your organization, you might be prevented from using such a certificate, and other users might not be able to run self-signed macros for security reasons.

  2. Open the file that contains the macro project you want to sign.
  3. On the Tools menu, point to Macro, and then click Visual Basic Editor.
  4. In the Project Explorer, select the project you want to sign.
  5. On the Tools menu, click Digital Signature.
  6. Do one of the following:
    • If you haven't previously selected a digital certificate or want to use another one, click Choose, select the certificate, and then click OK twice.
    • To use the current certificate, click OK.

ShowTips

  • Sign macros only after your solution has been tested and is ready for distribution, because whenever code in a signed macro project is modified in any way, its digital signature is removed. However, if you have the proper digital certificate on your computer, the macro project will automatically be resigned when saved.
  • Your digital signature says only that you guarantee that this project is safe. It does not prove that you wrote the project.
  • If you want to prevent users of your solution from accidentally modifying your macro project and invalidating your signature, lock the macro project before signing it.

    Note  Locking your macro project doesn't prevent another user from replacing the digital signature with another signature. For example, corporate administrators might re-sign templates and add-ins so that they can control exactly what users may run on their computers.

  • If you create an add-in that adds code to a macro project, your code should determine whether the project is digitally signed and notify the user of the consequences of modifying a signed project before continuing.