Policy
Enable macro trust levels
Microsoft Office
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10
This policy setting controls whether macro trust levels are enabled, which classifies VBA macros into four security levels based on file location and digital signature status. If you enable this policy setting, VBA macros will be classified into the following trust levels with corresponding user experiences: - Lowest (Most Trusted): Files signed by a trusted publisher, saved to a trusted location, or unsaved files. - User Experience: No Message Bar displayed, macros load normally. - Lower: Files opened from a connected personal or business OneDrive account, connected SharePoint location, or local OneDrive folders. - User Experience: Yellow Message Bar with Enable Content option. - Moderate: Files opened from intranet locations, or signed with an extended validation (EV) certificate but not by a trusted publisher. - User Experience: Yellow Message Bar with a Learn More option. This encourages security awareness by requiring additional steps before enabling macros. - Highest (Least Trusted): All other files. - User Experience: Red Message Bar with macros blocked. When enabled, unsaved files containing macros will display a warning dialog when users attempt to save the file to local disk, informing them that saving locally may block macro execution when the file is reopened. If you disable or don't configure this policy setting, macro trust levels are not enabled and the standard macro security behavior applies.
Registry values
How enabled and disabled states update the registry.
| Scope | Registry location | Type | Enabled value | Disabled value | Copy |
|---|---|---|---|---|---|
| User | Path software\policies\microsoft\office\16.0\common\security Value name enablemacrotrustlevel | REG_DWORD | HKCU 1 | HKCU 0 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.