When I open the template that one of my colleagues has developed, Word says that the macros are disabled and tells me to check the host application's online help or documentation. Help! What's a host application, what's the problem, andmost of allhow do I fix it?
Visual Basic for Applications is what's called a hosted programming language: instead of running on its own, as Visual Basic itself does, VBA requires a host application to provide it with an environment in which to work. Word is the host application here; the other Office applications, and many other applications, also host VBA.
The problem is that Word's security settings are set to protect you from potentially dangerous code. Because VBA can take a wide variety of actions on your computer without your intervention, it's a security threat. Consequently, Microsoft has bundled up Word (and the other Office applications) increasingly tightly against malefaction. When you open a VBA project that might be dangerous, Word disables its macros (see Figure 8-5).
Figure 8-5. If Word automatically disables macros that you need to run, you may need to change your security settings.
To change the security settings so that you can run the macros (assuming that you trust the template's creator not to use them to wreak havoc on your machine), choose Tools » Macro » Security and select the appropriate option on the Security Level tab (see Figure 8-6). Word 2003 offers Very High, High, Medium, and Low levels; Word XP and Word 2000 do not offer the Very High level. Here's what you need to know about the details:
- Trusted locations
- By default, Word trusts macros in templates and add-ins (for example, global templates) installed on your computer. So, even if you set the security level to Very High or High, you can still run any macros that you create yourself. To prevent Word from trusting installed templates and add-ins, uncheck the "Trust all installed add-ins and templates" box on the Trusted Publishers tab (Trusted Sources tab in Word XP and Word 2000).
Figure 8-6. The Security Level tab lets you control whether Word will run macros that are not signed with digital signatures or installed in trusted locations.
- Trusted publishers/trusted sources
Trusted publishers (in Word 2003), also known as trusted sources (in Word XP or Word 2000), are people or entities for whom a digital certificate is installed on your computer and who are designated as trustworthy. You can view the list on the Trusted Publishers tab or Trusted Sources tab. If you administer your computer, you will probably be able to add trusted publishers or sources; if so, Word will prompt you when you open a document, template, or add-in that has been signed by a digital certificate that's not yet trusted. In a corporate network, network administrators usually manage trusted sources.
digital certificateis encrypted code that uniquely identifies its holder. Digital certificates are available from
certification authorities(CAs) such as VeriSign (http://www.verisign.com), Thawte (http://www.thawte.com; a VeriSign company), and GlobalSign NV (http://www.globalsign.com). Some companies also issue digital certificates to their own staff from in-house CAs.
- Signed and unsigned macros
A signed macro is one that has been digitally signed by the holder of a digital certificate. Being signed doesn't mean that the macro is necessary benevolent or trustworthy, just that it has some form of audit trail attached to it. Similarly, being unsigned doesn't necessarily mean that a macro is malicious.
If you distribute your macros to other people, you will need to sign them to ensure that they are trusted. Once you've installed a digital certificate on your PC, you can sign a macro project (for example, a template) in the Visual Basic Editor: click the project in the Project Explorer, choose Tools » Digital Signature, click the Choose button, pick the certificate in the Select Certificate dialog box, and click the OK button to close each dialog box.updated