VBA Macro Warning Settings

This policy setting controls how the specified applications warn users when Visual Basic for Applications (VBA) macros are present.

If you enable this policy setting, you can choose from four options for determining how the specified applications will warn the user about macros:

"Trust Bar warning for all macros" - The application displays the Trust Bar for all macros, whether signed or unsigned. This option enforces the default configuration in the 2007 Office release.

"Trust Bar warning for digitally signed macros only (unsigned macros will be disabled)" - The application displays the Trust Bar for digitally signed macros, allowing users to enable them or leave them disabled. Any unsigned macros are disabled, and users are not notified.

"No Warnings for all macros but disable all macros" - The application disables all macros, whether signed or unsigned, and does not notify users.

"No Security checks for macros (Not recommended)" - All macros are enabled, whether signed or unsigned. This option can significantly reduce security by allowing dangerous code to run undetected.

If you disable this policy setting, will not receive a Trust Bar warning and all present VBA macros will be enabled.

If you do not configure this policy setting, when users open files in the specified applications that contain VBA macros, the applications open the files with the macros disabled and display the Trust Bar with a warning that macros are present and have been disabled. Users can inspect and edit the files if appropriate, but cannot use any disabled functionality until they enable it by clicking Options on the Trust Bar and selecting the appropriate action.

Important: If "Trust bar warning for digitally signed macros only (unsigned macros will be disabled)" is selected, users will not be able to open unsigned Access 2007 databases.

Also, note that the 2007 Office release stores certificates for trusted publishers in the Internet Explorer trusted publisher store. Earlier versions of Office stored trusted publisher certificate information (specifically, the certificate thumbprint) in a special Office trusted publisher store. The 2007 Office release still reads trusted publisher certificate information from the Office trusted publisher store, but it does not write information to this store.

Therefore, if you created a list of trusted publishers in a previous version of Office and you upgrade to the 2007 Office release, your trusted publisher list will still be recognized. However, any trusted publisher certificates that you add to the list will be stored in the Internet Explorer trusted publisher store.

Supported on: At least Windows Vista





visio12.admx

Administrative Templates (Computers)

Administrative Templates (Users)