MO-211 Expert Prep
Module 1 · Lesson 1.3

Manage Workbooks: Enable Macros in a Workbook

Edit on GitHub

In an enterprise environment, security is the top priority. Because macros (VBA code) can technically be used to run malicious scripts, Excel defaults to a "Locked Down" state. As an Excel Expert, you must know how to navigate the Trust Center to allow legitimate automation to run while protecting the system from external threats.

Part 1: The Trust Center Settings

The Trust Center is the global control panel for Excel's security. To reach it, go to File > Options > Trust Center > Trust Center Settings > Macro Settings.

The Four Levels of Macro Security

Setting Description Recommended Use
Disable all macros without notification Macros are blocked silently. No alerts. High-security environments where no VBA is used.
Disable all macros with notification The Default. Macros are blocked, but a yellow "Message Bar" appears. Standard daily use.
Disable all macros except digitally signed macros Only code from "Trusted Publishers" can run. Corporate environments with internal IT-signed tools.
Enable all macros Dangerous. All code runs immediately without asking. Only for isolated testing; never for production.

Part 2: The Message Bar (One-Time Enablement)

When you open a macro-enabled workbook (.xlsm or .xlsb) under default settings, Excel puts the file in Protected View.

  • The Action: A yellow bar appears at the top of the grid saying "SECURITY WARNING: Macros have been disabled."
  • The Fix: Click Enable Content.
  • The Result: This makes the workbook a "Trusted Document" on your specific computer. You won't be asked again for this specific file unless you move or rename it.

Part 3: Trusted Locations (The Professional Choice)

Trusted Locations allow you to designate specific folders on your hard drive or server where Excel assumes all files are safe.

How to add a Trusted Location:

  1. Go to Trust Center Settings > Trusted Locations.
  2. Click Add new location...
  3. Browse to your project folder (e.g., C:\CompanyReports\Analytics\).
  4. Check "Subfolders of this location are also trusted" if necessary.
  5. Result: Any workbook saved here will run macros instantly with no warnings.
WARNING
Never set your "Downloads" folder as a Trusted Location. This would allow any macro-enabled file downloaded from the internet to run immediately, creating a massive security hole.

Part 4: Trusting the VBA Project Object Model

For some advanced automation (where one macro writes or modifies another macro), you may need to enable a specific developer setting: "Trust access to the VBA project object model". This is found at the bottom of the Macro Settings menu. It is required for specific "Add-ins" or complex automation tools that manage code programmatically.

Part 5: Trust Center Deep Dive (beyond macros)

Macro Settings are only one page in the Trust Center. Several adjacent pages govern how Excel handles non-macro threats—untrusted documents, files from the internet, external data feeds, and add-in catalogs. The exam may ask you to navigate to any of these.

Trusted Documents

A Trusted Document is a specific file that you have explicitly green-lit on your machine. The first time you click Enable Content on the Message Bar, Excel records the file's full path and a hash so it won't prompt you again.

Path: File > Options > Trust Center > Trust Center Settings > Trusted Documents

  • Disable Trusted Documents — Forces Excel to show the security warning every time, even for files you've previously enabled.
  • Allow documents on a network to be trusted — Off by default. Turn it on only if your team's UNC paths are well-controlled.
  • Clear — The single most useful button on this page. Clicking Clear wipes the trusted-documents list, so every previously enabled file will prompt for Enable Content again on next open. Use this after a suspected security incident or before handing your machine to another user.

Protected View

Protected View is the read-only sandbox Excel drops a file into when its origin looks risky. You see a red Message Bar that says "PROTECTED VIEW" and must click Enable Editing to leave the sandbox.

Path: File > Options > Trust Center > Trust Center Settings > Protected View

The page has three independent toggles, each addressing a different threat surface:

  • Enable Protected View for files originating from the Internet — Catches files saved from a browser. The Mark-of-the-Web (MoTW) attribute on the file is what triggers this.
  • Enable Protected View for files located in potentially unsafe locations — Applies to the Temporary Internet Files / Outlook temp folders.
  • Enable Protected View for Outlook attachments — Anything double-clicked directly from a message in Outlook.
IMPORTANT
Disabling these is the single most common cause of corporate macro-malware infections. Leave them on for any account that opens external email.

External Content

This page controls automatic refresh of external data: Power Query connections, legacy database links, web queries, and links to other workbooks.

Path: File > Options > Trust Center > Trust Center Settings > External Content

Key options:

  • Security settings for Data Connections — Three levels: enable all, prompt the user (default), or disable all.
  • Security settings for Workbook Links — Same three-level choice, governing the cross-workbook link prompt that appears on open.
  • Security settings for Linked Data Types — Controls Stocks/Geography and other web-backed data types.
  • Security settings for Dynamic Data Exchange — Disables the legacy DDE protocol that has been used in past phishing attacks.

Resources:

  1. Microsoft Support - Change Macro Security Settings in Excel
  2. Microsoft Support - Add, remove, or change a trusted location in Microsoft Office