Macro security levels in Project

If you perform a task repeatedly in Microsoft Office Project, you can automate it with a macro. One method to create a macro is with the macro recorder. Before you record a macro, plan the steps and commands that you want the macro to perform. If you make a mistake when you record the macro, any corrections that you make are also recorded. Each time that you record a macro, it is stored in the global file (Global.mpt) by default, which makes it available to all future projects. However, you can choose to store the macro with your project.

After recording a macro, you can use the Visual Basic Editor to edit the macros, if needed.

Important: Because macros can contain viruses, be careful about running them. Take the following precautions: run up-to-date antivirus software on your computer; set your macro security level to high; clear the Trust all installed add-ins and templates check box; use digital signatures; maintain a list of trusted publishers.

The following table summarizes how the macro virus protection works under each setting on the Security Level tab in the Security dialog box (Tools menu, Macro submenu) with different conditions. Under all settings, if an antivirus software that works with Project is installed and the file contains macros, the file is scanned for known viruses before it is opened.

Security Level

Des cription

Very High

Only macros installed in trusted locations will be allowed to run. All other signed and unsigned macros are disabled. You can disable all the macros entirely by setting your security level to Very High and disabling the macros installed in trusted locations. To disable the macros installed in trusted locations, on the Tools menu, point to Macro, click Security, click the Trusted Publishers tab, and then clear the Trust all installed add-ins and templates option.

Note: This also disables all COM add-ins and macros.

High

Unsigned macros are automatically disabled, and the file is opened. For signed macros, the source of the macro and the status of the signature determine how the signed macros are handled as follows:

  • A trusted source. Signature is valid.    Macros are automatically enabled and the file is opened.

  • An unknown author. Signature is valid.    A dialog box is displayed with information about the digital certificate. Macros can be enabled only if the user chooses to trust the author and certification authority. A network administrator can lock the list of trusted sources and prevent the user from adding the developer to the list and enabling the macros.

  • Any author. Signature is invalid, possibly because of a virus.    User is warned of a possible virus. Macros are automatically disabled.

  • Any author. Signature validation is not possible because the public key is missing or incompatible encryption methods were used.    User is warned that signature validation is not possible. Macros are automatically disabled.

  • Any author. The signature was made after the certificate had expired or had been revoked.    User is warned that the signature has expired or been revoked. Macros are automatically disabled.

Medium

The user is prompted to enable or disable unsigned macros. For signed macros, the source of the macro and the status of the signature determine how signed macros are handled as follows:

  • A trusted source. Signature is valid.    Macros are automatically enabled and the file is opened.

  • An unknown author. Signature is valid.    A dialog box is displayed with information about the certificate. The user is prompted to enable or disable macros. The user can choose to trust the developer and certification authority.

  • Any author. Signature is invalid, possibly because of a virus.    User is warned of a possible virus. Macros are automatically disabled.

  • Any author. Signature validation is not possible because the public key is missing or incompatible encryption methods were used.    User is warned that signature validation is not possible. User is prompted to enable or disable macros.

  • Any author. The signature was made after the certificate had expired or had been revoked.    User is warned that the signature has expired or been revoked. User is prompted to enable or disable macros.

Low

When security it set to low, all macros are treated equally regardless of origin or certificate status. With low security, you receive no prompt or signature validation and macros are automatically enabled. Use this setting only if you are certain that all macros in your files are from trusted sources.

Top of Page

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!

×