Enable Minimizing VBA Project Digital Signature Invalidation

This policy setting allows you to reduce the number of actions in Office that will result in a document's VBA digital signature becoming invalidated. The VBA project may be modified in certain ways that change the project storage but that do not invalidate the source code digital signature. With this setting turned off, these actions will lead to the VBA digital signature being invalidated, and the signature dropped on save if the user does not have the private key available to resign. With this setting on, we will only perform a resign of the project if the source code signature has changed, and will keep the existing signature in other cases. If the VBA project storage is changed and saved, but the old signature retained under this feature, this can lead to an invalidation of the saved compiled VBA project state. If this happens, the VBA project will be forced to recompile each time the document is loaded. This may have negative performance impacts for larger VBA projects. Once a document is in this state, the state will persist until the VBA project is resigned.

This policy has no additional user input fields.

• User
  ActiveX Control Initialization

  Windows7
• User
  Allow Basic Authentication prompts from network proxies

  Windows7
• User
  Allow file extensions for OLE embedding

  Windows7
• User
  Allow root or intermediate certificates as VBA trusted publishers

  Windows 10
• User
  Allow specified hosts to show Basic Authentication prompts to Office apps

  Windows7
• User
  Allow VBA to load typelib references by path from untrusted intranet locations

  Windows 10
• User
  Automation Security

  Windows7
• User
  Block additional file extensions for OLE embedding

  Windows7
• User
  Block all internet macros (ignore trusted locations or publishers)

  Windows 10
• User
  Block Insecure Protocols

  Windows7
• User
  Block loading of COM/VSTO add-ins registered in HKCU

  Windows 10
• User
  Block OLE Graph

  Windows7