Educause Security Discussion mailing list archives
Microsoft Office Macros
From: Gary Flynn <flynngn () JMU EDU>
Date: Thu, 15 Dec 2005 08:46:04 -0500
How are schools handling Microsoft Office macros? Do you lower the Office security settings so unsigned macros will run? Do users put up with constant warning messages? Do you sign your macros? Do you have an existing PKI infrastructure or did you put something together just for code signing? Do you issue self-signed signing certificates or certificates from a CA already incorporated into MS software? Do you create code signing certificates for individual developers, department, or organization? Who handles the actual code signing? How do you handle distributing the certificates on users' desktops? How do you handle certificate expiration? How do you handle externally written macros? How do you handle user and developer education on handling code signing certificates and signed or unsigned macros? Thanks for any advice and information. -- Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security
Current thread:
- Microsoft Office Macros Gary Flynn (Dec 15)