This article is a general overview of digital certificates and how they relate to digitally signed Office macros, signed programs, and ActiveX controls. This article answers the following questions:
- What is a digital certificate?
- What is a signature? Why do we need them?
- What happens with each security level?
- How can I get a signature?
What Is a Digital Certificate?Digital signatures and certificates of authenticity can be applied to executable programs, ActiveX controls, or Office Visual Basic for Applications macros. These signatures provide you with the assurance that what you are about to use comes from a realiable source and that it has not been tampered with. Digital certificates help to eliminate macro viruses from being introduced into your Office documents, your computer, and your local network.
A digital certificate is an ID that is carried with a file. To validate a signature, a certifying authority validates information about the software developers and then issues them digital certificates. The digital certificate contains information about the person to whom the certificate was issued, as well as information about the certifying authority that issued it. When a digital certificate is used to sign programs, ActiveX controls, and documents, this ID is stored with the signed item in a secure and verifiable form so that it can be displayed to a user to establish a trust relationship.
What Is a Signature? Why Do We Need Them?Office has introduced digital signatures to help users distinguish legitimate code from undesirable and potentially damaging code. If you open an Office document and see a macro security warning with digital signature information, you can feel reasonably confident that the person (or corporation) signing the macros also created them. You can choose to trust all macros signed by this person by clicking to select the Trust all macros from this source check box. From then on, Office will enable the macros without showing a security warning for any future documents containing macros signed by this trusted source.
A digital signature is the public certificate plus the value of the signed data encrypted by a private key. The value is a number generated by a cryptographic algorithm for any data that you want to sign. This algorithm makes it nearly impossible to change the data without changing the resulting value. So, by encrypting the value instead of the data, a digital signature allows the end user to verify the data was not changed.
What Happens with Each Security Level?To take advantage of the benefits of digital signatures for macros, Office introduces security levels. To set the security level, on the Tools menu, point to Macro and click Security. These security levels are outlined in the following table.
When opening a file with macros under medium security, a security warning offers the user a choice between enabling or disabling macros. The Office 2000 Medium Security Warning dialog box has digital signature information, if it is available for the file being opened. This security level allows existing Office 97 solutions, which are not yet signed, to be enabled. Once a user chooses to trust all macros from a source, Office on medium security will automatically enable signed macros from that trusted source.
Low Turns off all macro security
warnings in Office programs.
Medium User prompted to enable or disable
the macros on a file-by-file basis.
High Only allows signed and trusted
code to run.
Under high security, Office silently disables unsigned macros. This helps avoid accidental enabling of potentially dangerous macros. To help fight the larger number of Microsoft Word macro viruses spread through documents, Word 2000 is set to high security level by default. Under high security, a security warning is shown for digitally signed macros that have not been previously added to the Trusted Sources list. This allows you the opportunity to inspect the digital certificate, and if you choose to trust all macros from the source, click Enable Macros. The Enable Macros button is unavailable until you click to select the Always trust macros from this source check box.
Low security is useful if you have installed the latest version of a virus scanner and the most current virus signature files for that program and you feel confident this virus scanner will detect all viruses.
NOTE: Microsoft recommends using antivirus software that is certified by ICSA, Inc. ICSA is completely independent and shares vital security information with security product manufacturers, developers, security experts, academia, and corporations. For more information, see the following ICSA Certified Anti-Virus Pr
oducts Web site:
http://www.icsalabs.com/technology-program/anti-virusFor additional information about security levels, click the article numbers below to view the articles in the Microsoft Knowledge Base:
215715 XL2000: "The Macros in This Project Are Disabled" Error Running Macro
192073 WD2000: Error Message: The Macros in the Project Are Disabled
How Can I Obtain a Signature?To obtain a digitial signature, first, you must obtain a digital certificate. One option is to get a fully certified certificate from a certificate authority. Both individuals and commercial entities can obtain a commercially authenticated certificate for their code. To learn about the application process and requirements, see Introduction to Code Signing at the Microsoft Authenticode Web site. A list of Certificate Authorities is provided at the following Microsoft Web site:
You can create your own certificate for personal use or testing purposes with the SelfCert.exe tool provided in Office. This unauthenticated certificate will allow you to sign your own macros, and to trust this digital certificate so that all macros you sign will not generate a security warning. This type of certificate is not validated by a Certifying Authority, therefore, other users will see a warning not to trust it.
If you see the following security warning
This publisher has not been authenticated and therefore could be imitated. Do not trust these credentials.and this is not your certificate, you should assume this certificate was forged.
A malicious virus might be digitally signed by a digital certificate by the name of "Microsoft Corp." However, the security warning will warn you that this is not an authenticated certificate, and therefore the certificate cannot be from Microsoft.
To Install the SelfCert ToolIf you do not see a program icon for Digital Signature for VBA Projects in your Office folder, to install the tool, follow these steps:
- Quit all Office programs. Click Start, point to Settings, and then click Control Panel.
- In Control Panel, double-click Add/Remove Programs.
- On the Install/Uninstall tab, click to select Office 2000 product, where Office 2000 product is the version of Office you are using.
If you are using a stand-alone version of one of the Office programs, click to select the appropriate product in the list. Click Add/Remove.
- In the Setup dialog box, click Add or Remove Features.
- In the Microsoft Office 2000: Update Features dialog box, click the plus sign (+) to expand the features list next to Office Tools. If the sign is already a minus sign (-), the features list is already expanded.
- Click the symbol next to Digital Signature for VBA projects, and then click Run from My Computer in the list that appears. Click Update Now.
To Create a Test CertificateTo create a test certificate for use with your Visual Basic for Applications projects in Office, follow these steps:
- Click Start, point to Programs, and then click Windows Explorer.
- In Windows Explorer, navigate to the
path\Microsoft Office\Office folder, where
path is the drive and folder location where you installed Office.
- Find the SelfCert.exe program, and then double-click it to start it.
- After SelfCert starts, type your name in the Your name box, and then click OK.