Home |
Search |
Today's Posts |
#1
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to test Excel 2003 & 2007 macro security level
I want to test Excel's macro security level before loading a worksheet with
macros. What's the "best" way to do this? In 2003, I believe I can test the Registry HKEY_CURRENT_USER\Software\Microsoft\Office\9\Exce l\Security\Level In 2007, it appears from my testing that the same test would be on HKEY_CURRENT_USER\Software\Microsoft\Office\12\Exc el\Security\VBAWarnings I'd have preferred to use the Application.AutomationSecurity property rather than the registry, but testing it under 2007 (Vista) it doesn't seem to change when I change the security level in Excel's UI. I'm quite surprised that apparently a non-Administrative Vista user can simply change the VBAWarnings registry variable to enable macros. Seems like a weak link in the security model. Anyone have any suggestions? |
#2
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to test Excel 2003 & 2007 macro security level
Hello
According to the TechNet article http://technet2.microsoft.com/Office...8d-40a9-87ec-3 1a8ea80e0371033.mspx?mfr=true, Secion: VBA macro settings, there are four main types of security setting for macros: o Settings for changing the default behavior of macros. o Settings for changing VBA. o Settings for changing macro behavior in applications that are started programmatically through Automation. o Settings for preventing virus-scanning programs from scanning encrypted macros. The macro setting you mentioned in the beginning of the post belongs to the first type "Settings for changing the default behavior of macros". It corresponds to the VBAWarning registry and can be configured by uses because it is a user level setting: HKEY_CURRENT_USER. And as far as I know, the only way to change this setting is through the registry. Application.AutomationSecurity, the application-specific automation security settings, belong to the third type: "Settings for changing macro behavior in applications that are started programmatically through Automation". According to the section "Programming-related security issues" in http://office.microsoft.com/en-us/or...403181033.aspx, the Application.AutomationSecurity allows programmers a means of controlling how security is handled when a macro call another macro or external program. It has three possible values: msoAutomationSecurityLow, msoAutomationSecurityByUI, msoAutomationSecurityForceDisable. Therefore, Application.AutomationSecurity is different from the macro security level you mentioned in the post. The corresponding registry for Application.AutomationSecurity is HKCU\Software\Microsoft\Office\Common\Security\Aut omationSecurity This is a DWORD key and it can have the following values: 3 = msoAutomationSecurityForceDisable, disable macros by default. 2 = msoAutomationSecurityByUI use the security value that is currently set in the Trust Center UI for each of the applications. 1 = msoAutomationSecurityLow , current default for most apps, macros in enabled. For other information about the AutomationSecurity property, please refer to The AutomationSecurity property behavior has changed in Office 2003 http://support.microsoft.com/kb/825939 Please let me know if you have any other concerns, or need anything else. Sincerely, Jialiang Ge , remove 'online.') Microsoft Online Community Support ================================================== For MSDN subscribers whose posts are left unanswered, please check this document: http://blogs.msdn.com/msdnts/pages/postingAlias.aspx Get notification to my posts through email? Please refer to http://msdn.microsoft.com/subscripti...ult.aspx#notif ications. If you are using Outlook Express/Windows Mail, please make sure you clear the check box "Tools/Options/Read: Get 300 headers at a time" to see your reply promptly. Note: The MSDN Managed Newsgroup support offering is for non-urgent issues where an initial response from the community or a Microsoft Support Engineer within 1 business day is acceptable. Please note that each follow up response may take approximately 2 business days as the support professional working with you may need further investigation to reach the most efficient resolution. The offering is not appropriate for situations that require urgent, real-time or phone-based interactions or complex project analysis and dump analysis issues. Issues of this nature are best handled working with a dedicated Microsoft Support Engineer by contacting Microsoft Customer Support Services (CSS) at http://msdn.microsoft.com/subscripti...t/default.aspx. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. |
#3
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to test Excel 2003 & 2007 macro security level
Thanks for the information, Jialang.
I'd like to clarify what you said in light of my specific needs. My application (in a high level language) launches Excel using OLE Automation: ('Excel.Application') Our application then uses the open command via OLE to open a worksheet: Open(FileName := C:\Sample.xls, UpdateLinks := 0,ReadOnly := False, IgnoreReadOnlyRecommended := False); We then use OLE to run a macro in the workbook: Run( 'Workbookname!PopUp'); My question: What is the best way on XP and Vista to detect whether the user's Excel (2003 and 2007) are configured to allow the macro to run? We know the version of Excel they're running (by reading the properties of the .exe associated with .xls files). In XP with Excel 2003, we've been checking the HKEY_CURRENT_USER\Software\Microsoft\Office\9\Exce l\Security\Level key to determine whether the macro will run. Will this key continue to work on Vista when running Excel 2003? Does the HKEY_CURRENT_USER\Software\Microsoft\Office\12\Exc el\Security\VBAWarnings key serve the same function with Excel 2007? |
#4
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to test Excel 2003 & 2007 macro security level
Hello
Generally speaking, the 'BEST' way is not to set the macro security low because it may give a greate chance for some potentially dangerous code to run. The 'BEST' way is to digitally sign the trusted macros or put the macros in a trusted location. The macro security level had better be set to high. If you insist lowering the security level, we could change the VBAWarnings as illustrated in the previous reply. But please do remember to set the value back after the macro is run. Will this key continue to work on Vista when running Excel 2003? Yes, but I think the key for Excel 2003 should be HKEY_CURRENT_USER\Software\Microsoft\Office\11\Exc el\Security\Level The internal code for Excel 2003 is 11, rather than 9. Does the HKEY_CURRENT_USER\Software\Microsoft\ Office\12\Excel\Security\VBAWarnings key serve the same function with Excel 2007? Yes. If you have further questions, please feel free to let me know. Sincerely, Jialiang Ge , remove 'online.') Microsoft Online Community Support ================================================= When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================= This posting is provided "AS IS" with no warranties, and confers no rights. |
#5
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to test Excel 2003 & 2007 macro security level
Hi,
Would you mind letting me know the result of the suggestions? If you need further assistance, feel free to let me know. I will be more than happy to be of assistance. Have a great day! Sincerely, Jialiang Ge , remove 'online.') Microsoft Online Community Support ================================================= When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ================================================= This posting is provided "AS IS" with no warranties, and confers no rights. |
#6
Posted to microsoft.public.excel.programming
|
|||
|
|||
How to test Excel 2003 & 2007 macro security level
Your answer was exactly what I needed to know. Thank you so much for
providing me with a clear explanation of how macro security is checked in Excel. Tom |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
How can I change the Macro Security level in Excel 2003 viewer? | Setting up and Configuration of Excel | |||
How can I change the Macro Security level in Excel 2003 viewer? | New Users to Excel | |||
Excel 2003 sticks to the low macro security level | Excel Discussion (Misc queries) | |||
Test For Macro Security Settings Level | Excel Programming |