We are using an word addin to generate some documents. Now we want to increase security with policies for running Word macros in trust center. We would like to enable only macros with digital signatures, what works so far.
But if we are opening a Word document with our addin Word (running documents.open) is running macros without digital signature. Can we compeltely disable macros without digital signatures?
Related
I'm using Word 2019 and have created macros I want to send to other organisations.
However, when I transfer the document (.docm) or the template (.dotm) the recipient doesn't get the macros (although everything else goes across). On the Developer ribbon, there is no entry for the macro itself or the VBA code.
I know I can export the macro to a *.bas file which the recipient can then import but I'd like to do it directly.
There is no problem with transferring Excel macros but I can't get Word to work.
Can anybody help?
This is most likely to have 2 possible reasons:
Did you really choose "Word Macro-Enabled Document" as file format? It could be that you saved a normal "Word Document" with the file extension .docm. Note that the file extension does not defined the file format.
If this happend you have actually a Word document (without macros) but with the wrong file extension .docm. Make sure you choose the correct format not only the correct extension.
You can easily test this:
Save your file as macro enabled file docm.
Close Word completely.
Re-Open your file. If the macro is still there your file format is correct.
If you send your file via email it can be that your recepient does not allow to recieve macro enabled files, and his email server is stripping off the macro from the Word file.
If this is the case, then you cannot do much to prevent this. It is in the responsibility of the recepient. The only way to get through this kind of filter is to pack your file into a password protected zip archive so the email server cannot access the Word file. But not that doing so can violate the recepients policies. Also if the reciepient's company did it right they won't allow password protected zip archives via email because the could tunnel through their email filters.
Best solution in this case it to provide the file via some cloud share (Google Drive, Dropbox, One Drive, what ever, …) and send the recipient a link only.
That is because of your AV blocking macros to be saved in your PC. Macros have been used in the past by threat actors and Microsoft has applied a protection to them.
When you edit a document with macros, word creates a hidden file which is the macro you are running, now when you try to save that file, it gets caught by AV. Since AV thinks it is an evil activity. It gets saved on your system because your directory is now a Trusted Location and it is okay.
A workaround is to install Windows 7 with Microsoft Office 2007 to get what you want since Windows 7 has little to no security.
Thanks
We have staff that use a from created by a state government office. It is full of VBA code, smaller macros, and active x controls. This document changes often and does not have a publisher certificate. When a user opens the document and allows the code to run it bugs out. (formatting is wrong on newly created sheets etc). I have contacted the document creators and they claim it's "system corruption" but I doubt this to be the case since this occurs on every single copy of excel 2010 we have. My fix has be to disable the trust center almost entirely. This is really not acceptance and what I would like to ask is there any way to set excel to both trust and enable documents from either a certain site or with a name containing an phrase or a name?
Yes, you can in Trust Center Settings under the Trusted Locations tab you can trust a location, or a single file by hitting the Add new location... button and adding the location to the folder or files you want to trust.
I created a VBA-macro which will be used by some word-documents within my company. The macro detects tags and removes chapters from a document. This document is created by another program. So the macro should be separately distributable.
Is it possible to generate an executable which adds the macro to the user running the executable?
Is there another way to package macros and install them on a user's computer?
Thanks
The easiest way to deploy Macros is via a template. Create your Macro and save the file as .dotm (macro-enabled template). I think you will get a suggestion where to save your .dotm-file.
Any colleague who wants to use your template simply has to put it in that directory (I think it's C:\Users\[UserName]\AppData\Roaming\Microsoft\Templates). After that, he should be able to use the macros while working on any word document.
There are basically five ways to do this:
1) Send everyone a text file with your macro that they can paste into their own Normal template. This is fine for very simple macros that are unlikely to have any name conflicts with macros users create themselves, but it does require basic knowledge of the VB editor.
2) Send everyone a .bas file that you create by exporting a module that contains your macro(s). This gives you a little more control and avoids copy/paste errors. Still requires basic understanding of the VB editor (or decent instructions from you).
3) Package your macros in a template (.dotm file) that lives in the Templates folder. Users can apply that template to any document they're creating and gain access to your macro(s). No VB knowledge required; this is done through the standard Word New File process. Also allows you to include styles or other things if you want.
4) Package your macros as a global template (.dotm file) that lives in the Startup folder. Users will have access to your macro(s) in every file they work on, no need to apply your template. This is good if what you are doing is central to your team's workflow and doesn't require that you include styles with your macro. You can also build in UI elements. (There can be issues with this approach in Word 2011; users may not have immediate access to the global template but it is easy enough to get back.)
Both 3 and 4 do require that the user initially place the .dotm file in the right place. You can help them with this (one approach is to use another Word doc as a "setup" file that, when run, places the template in the presumed correct folder). Obviously that requires more work on your part so how far you'd want to go with that depends on you and your business needs.
5) Additionally, if you have control over the creation of the document itself (rather than just the macro) you can embed a macro in the document. You can place the macro itself in the document's ThisDocument module (find your document in the Project Explorer and then open Microsoft Word Objects). Then save the document as .docm (macro-enabled document). Users should be instructed to enable macros when they open the document (different versions of Word use slightly different interfaces for prompting the user about this, but it's always pretty obvious).
Over the last 7 years I have been deploying my Word VBA in a different way. The software is a Word add-in that makes it easier for teachers to provide feedback on assignments. It is distributed as a 30 day trial and if the user buys it they are given a key which enables them to use eMarking Assistant for a year. You can test the deployment system at http://eMarkingAssistant.com
The deployment and licensing mechanism is given below:
save the vba in a macro enabled document i.e. a .docm file
in Windows rename the file to be a .doc file
use Orlando's excellent "VBA decompiler and compacter" from http://orlando.mvps.org/VBADecompilerMore.asp to remove compiled code and references to specific Office versions from the .doc and compact the document
ask the user to download the .doc file
ask the user to open the .doc file and ensure that macros are enabled
let the user trial the software in the document
if they want to use the software in any document they click an "install" button in the document to copy the vba code to to a .dotm file in their Word startup folder (so it is loaded automagically)
if they want to buy a subscription to use the software, they pay using paypal and I send them a key which unlocks the software until the end of the subscription
Advantages of this process are:
a single document can be used on all versions of Office for Windows from Office 97 to Office 2016 (32 bit and 64 bit).
the install and uninstall all happen within Office so the suer does not need to admin rights over their computer
users do not need to install the software until they have used it in the document
users do not need to use another program to unzip or install the software
Peter Evans
I have a macro which is used for a personal inbox in Outlook.
I used the macro once at work through the VB editor. The second time I tried to run it (using the F8 key), Outlook blocked the macro from been implemented.
My organization has disabled the macro settings options in the Trust Center due to which I cannot change the security settings.
Can I convert these macros to .exe files to bypass this security of Outlook? Will any change have to be made to the code of the macros so it will work in .exe format?
You should be able to convert to VB6. VB.Net will probably be more challenging.
You might also want to think about converting to a COM add0-in instead of a standalone exe. http://www.outlookcode.com/ is a good place to start.
I'm trying to automate the security prompt in outlook when I try to send emails via a 3rd party software i.e SAS. What solutions are there? I've tried a VBA solution and reduced security to low on the tools - macros setting but no joy :(
Aside from the first warning message that an external program is trying to access Outlook you can save drafts of messages without any hassle (at least using VBA). I used this to produce whatever emails I needed then ran a seperate macro INSIDE Outlook to send all the drafts.
Or you could use an Outlook macro to communicate with the external software and send it's own emails based on an output.