This policy setting allows you to block macros from running in Office files that come from the internet.
If you enable this policy setting, macros are blocked from running, even if "Enable all macros" is selected in the Macro Settings section of the Trust Center. Users will receive a notification that macros are blocked from running.
The exceptions when macros will be allowed to run are:
- The Office file is saved to a Trusted Location.
- The Office file was previously trusted by the user.
- Macros are digitally signed and the matching Trusted Publisher certificate is installed on the device.
If you disable this policy setting, the settings configured in the Macro Settings section of the Trust Center determine whether macros run in Office files that come from the internet.
If you don't configure this policy setting, macros will be blocked from running. Users will receive a notification telling them of the security risks of macros from the internet along with a link to learn more.
For more information, see https://go.microsoft.com/fwlink/p/?linkid=2185771.