Block all internet macros (ignore trusted locations or publishers)

Supported OS tags: Windows10

This policy setting removes the trusted location and trusted publisher exceptions for files downloaded from the internet with Mark of the Web (MOTW). By default, Office blocks macros from the internet but allows exceptions for files that are either in trusted locations or signed by trusted publishers. If you enable this policy setting, all macros in files downloaded from the internet will be blocked, including those in trusted locations or signed by trusted publishers. This provides maximum protection against internet-based macro threats. If you disable or don't configure this policy setting, the default behavior applies where macros from the internet are blocked except when the file is in a trusted location or signed by a trusted publisher.

This policy has no additional user input fields.

• User
  ActiveX Control Initialization

  Windows7
• User
  Allow Basic Authentication prompts from network proxies

  Windows7
• User
  Allow file extensions for OLE embedding

  Windows7
• User
  Allow root or intermediate certificates as VBA trusted publishers

  Windows 10
• User
  Allow specified hosts to show Basic Authentication prompts to Office apps

  Windows7
• User
  Allow VBA to load typelib references by path from untrusted intranet locations

  Windows 10
• User
  Automation Security

  Windows7
• User
  Block additional file extensions for OLE embedding

  Windows7
• User
  Block Insecure Protocols

  Windows7
• User
  Block loading of COM/VSTO add-ins registered in HKCU

  Windows 10
• User
  Block OLE Graph

  Windows7
• User
  Block OrgChart

  Windows7