Tech Tip: Self-sign macros for security

Macro security in Outlook allows you to control when macros can run, which helps prevent malicious code from affecting an Outlook user's system. When macro security is set to High in Outlook, only digitally signed macros from trusted sources can run. A Medium setting causes Outlook to ask you whether to enable and allow macros to run. A Low setting allows all macros to run, which poses significant risks from malicious code.

If you create your own macros, you can digitally sign your macros so they'll run without triggering Outlook's macro security warnings. Outlook 2000 and Outlook 2002 both provide the means to sign VBA projects.

Search for the file Selfcert.exe, which enables you to create your own code-signing certificate. In Outlook 2000, you'll find this file in the \Program Files\Microsoft Office\Office folder; in Outlook 2002, it's in \Program Files\Microsoft Office\Office10. If the file isn't on the system, run Setup, and add the Digital Signature For VBA Projects feature.

After you locate Selfcert.exe, follow these steps:

  1. Run Selfcert.exe, and enter a name for the certificate, such as "Outlook Code Signing Certificate," when prompted.
  2. Choose Tools | Macro | Macros, select a macro, and click Edit to open the Visual Basic editor.
  3. Choose Tools | Digital Signature to open the Digital Signature dialog box.
  4. Click Choose, select your code-signing certificate, and click OK.
  5. Click OK again, and close the Visual Basic editor.
  6. Verify that you have configured Outlook macro security for either Medium or High settings, and attempt to run a macro.
  7. When Outlook asks if you want to trust the macro publisher, click Yes.

Your custom macros should now run without triggering the Outlook security warnings.

Editor's Picks