With macro viruses growing more rampant and destructive, it’s become essential to teach users how to guard against them. In the past, you’ve probably preached the gospel of turning on the Office 97 Macro Virus Protection option, which alerts users to the presence of macros in a file they’re about to open. However, a steady barrage of messages saying “The document you are opening contains macros”—while better than nothing—can be pretty tedious without being especially illuminating.

Fortunately, Office 2000’s new security features are far more effective and less annoying than the proto-protection that was introduced with Office 97. In fact, Office 2000 blows its predecessor totally out of the water by offering three levels of security, digitally signed macros that allow users to bypass warnings for “trusted source” documents, and an option to enable automatic third-party virus checking.

You can find out about these features (and quite a bit about the underlying technologies) by downloading the Microsoft Office 2000 Macro Security White Paper , available free on Microsoft’s OfficeUpdate site. This 20-page reference covers a variety of security-related topics, including:

  • Digital signatures
  • Certification authorities
  • Office 2000’s levels of security
  • Administering security levels and Trusted Sources lists for individual users
  • Registry keys that contain security settings
  • Obtaining a digital certificate
  • Moving a certificate to another machine
  • Signing a macro project
  • Signing COM add-ins and DLLs
  • Keeping certificate keys secure
  • Timestamping macro signatures
  • Using SelfCert.Exe (which comes with Office 2000) to create unauthenticated certificates for personal use

Whether you’re looking for some basic information on digital signature technology, an overview of the Office 2000 security options, or specific instructions on implementing macro protection, this white paper is well worth downloading and perusing.