What is the point of having a macro language (VBA in Word) when

What is the point of having a macro language in Word et al when
the majority of users will have their macros capability turned off
for fear of macro viruses i.e Melissa?

When would one use such a capability?

If you allow the user to turn on the macro capability the risk is huge
What if a user is not security conscious?

regards
cw

Graham
Wed Jan 07 10:29:07 CST 2004

You cannot turn off the macro language in Word. What you turn off is the
ability to run macros in templates or documents that you have not produced
yourself. Macros extend the usefulness of Word to produce a wide range of
custom tasks, and the usual plan is to set the security level to medium so
that macros in a 'foreign' document will produce an alert message.

In any case you should not rely on Word to provide security from virus
attack and you should never open any file the pedigree of which you are
uncertain of. Any user who is not security conscious should not be allowed
near a PC :)

--
<>>< ><<> ><<> <>>< ><<> <>>< <>>< ><<>
Graham Mayor - Word MVP
E-mail gmayor@mvps.org
Web site www.gmayor.com
Word MVP web site www.mvps.org/word
<>>< ><<> ><<> <>>< ><<> <>>< <>>< ><<>


code_wrong wrote:
> What is the point of having a macro language in Word et al when
> the majority of users will have their macros capability turned off
> for fear of macro viruses i.e Melissa?
>
> When would one use such a capability?
>
> If you allow the user to turn on the macro capability the risk is huge
> What if a user is not security conscious?
>
> regards
> cw

Thomas
Wed Jan 07 12:00:56 CST 2004

"Graham Mayor" <gmayor@mvps.org> wrote in message
news:uhd7itT1DHA.2396@TK2MSFTNGP09.phx.gbl...
> You cannot turn off the macro language in Word. What you turn off is the
> ability to run macros in templates or documents that you have not produced
> yourself. Macros extend the usefulness of Word to produce a wide range of
> custom tasks, and the usual plan is to set the security level to medium so
> that macros in a 'foreign' document will produce an alert message.
>
> In any case you should not rely on Word to provide security from virus
> attack and you should never open any file the pedigree of which you are
> uncertain of. Any user who is not security conscious should not be allowed
> near a PC :)
>
> --
> <>>< ><<> ><<> <>>< ><<> <>>< <>>< ><<>
> Graham Mayor - Word MVP
> E-mail gmayor@mvps.org
> Web site www.gmayor.com
> Word MVP web site www.mvps.org/word
> <>>< ><<> ><<> <>>< ><<> <>>< <>>< ><<>
>
>
> code_wrong wrote:
> > What is the point of having a macro language in Word et al when
> > the majority of users will have their macros capability turned off
> > for fear of macro viruses i.e Melissa?
> >
> > When would one use such a capability?
> >
> > If you allow the user to turn on the macro capability the risk is huge
> > What if a user is not security conscious?
> >
> > regards
> > cw
>
>

Actually, starting with Office XP (I believe) you CAN choose to NOT install
VBA at all. There are articles in the Microsoft Knowledge Base about this
and the consequences.

I agree totally with Graham. Protecting from viruses should be done with
anti-virus software.

-Tom

Jonathan
Wed Jan 07 10:02:28 CST 2004

Hi cw


"code_wrong" <tac@tac.ouch.co.uk> wrote in message
news:bth87e$6o7$1@news5.svr.pol.co.uk...
> What is the point of having a macro language in Word et al when
> the majority of users will have their macros capability turned off
> for fear of macro viruses i.e Melissa?

There are ways of distributing templates with code that will run even when
security is set to high. The general principle is that you need to have a
digital signature with which the template can be signed. When the template
it installed on the user machine, the user has the option of accepting or
not accepting the signature. Accepting it enables the code to run even
though security is still set to High.

I had my doubts about whether the system was workable when it was first
introduced to VBA in Office 2000, but it seems to have worked pretty well
overall.

>
> When would one use such a capability?

Whenever you want to distribute applications into a high-security
environment.

>
> If you allow the user to turn on the macro capability the risk is huge
> What if a user is not security conscious?

If the code is signed then the security provisions remain in place for all
unsigned code. All the user is doing by accepting your certificate is
allowing *your* code to run.


--
Regards
Jonathan West - Word MVP
http://www.multilinker.com
Please reply to the newsgroup

code_wrong
Wed Jan 07 15:15:36 CST 2004


"Jonathan West" <jwest@mvps.org> wrote in message
news:e1e%23w6V1DHA.2680@TK2MSFTNGP11.phx.gbl...
> Hi cw
>
>
> "code_wrong" <tac@tac.ouch.co.uk> wrote in message
> news:bth87e$6o7$1@news5.svr.pol.co.uk...
> > What is the point of having a macro language in Word et al when
> > the majority of users will have their macros capability turned off
> > for fear of macro viruses i.e Melissa?
>
> There are ways of distributing templates with code that will run even when
> security is set to high. The general principle is that you need to have a
> digital signature with which the template can be signed. When the template
> it installed on the user machine, the user has the option of accepting or
> not accepting the signature. Accepting it enables the code to run even
> though security is still set to High.
>
> I had my doubts about whether the system was workable when it was first
> introduced to VBA in Office 2000, but it seems to have worked pretty well
> overall.
>
> >
> > When would one use such a capability?
>
> Whenever you want to distribute applications into a high-security
> environment.
>
> >
> > If you allow the user to turn on the macro capability the risk is huge
> > What if a user is not security conscious?
>
> If the code is signed then the security provisions remain in place for all
> unsigned code. All the user is doing by accepting your certificate is
> allowing *your* code to run.
>

Thanks Jonathan,
I can see how it can work now.
cw