Protecting your prized PowerPoint content
Our comprehensive guide to password protecting PowerPoint files so your precious presentations stay just they you made them!
You can do some really cool things in Microsoft Office with just a few lines of Visual Basic for Applications (VBA) – from creating your own custom formula in Excel to correcting branded content in PowerPoint to merging address data for a mail campaign in Word. And sometimes you need to share that VBA solution with colleagues and clients, via the Internet. A change to VBA security that Microsoft rolled out at the end of March 2022 tweaks the process required by Windows users to gain access to this active content.
Prior to this change, if you received a file from the Internet via an email or a website download link, you’d be explicitly asked to Enable Content, assuming you trusted whoever was providing you with the file. That appeared in the message bar below the ribbon when you opened the file, like this:
Microsoft observed that most users automatically trusted whoever was sending the file and sometimes dubious techniques were used by naughty people trying to trick you into trusting them. It was considered too easy for recipients of malicious content to click that magic Enable Content button and get themselves into hot water.
Several aspects changed in the user experience when opening macro-enabled content on Windows PCs. Firstly, the message bar has changed from yellow to pink to indicate a higher level of importance. Secondly, The easy-to-access Enable Content button has been replaced with a Learn More button, which simply takes you to this Microsoft article and does not enable the macro content.
That means you have to go through extra hoops to activate the macro-enabled functionality.
When you receive a file from the Internet via an email or a browser download, that file has a special attribute added to it by Windows called the MOTW. It doesn’t mean Match Of The Week for all you sports fans, but Mark Of The Web. You can see it easily as follows:
Right-click the file and then select Properties. The MOTW attribute is shown by default as an unchecked Unblock checkbox in the Security item at the bottom of the General tab:
By explicitly checking the Unblock check box, you’ll be able to open your prized macro-enabled content and access the additional functionality enabled by the VBA code inside it.
Most of the Microsoft Office files you receive will be standard PowerPoint, Excel and Word files in their respective formats of pptx, xlsx and docx. In some cases, files will have automation features built into them, often custom-designed for your specific workflows. These files have the letter m as their suffix i.e. pptm, xlsm, docm. Assuming you trust the provider, you will either have to have them saved to a Trusted Location within your organisation or check the MOTW Unblock checkbox before you can use those automation features.
If you have a BrightCarbon software product, it is most likely an add-in. Microsoft have stated that add-ins are not affected by this change (1). However, the delivery of our in-file automation solution ShowMaker may be affected – your BrightCarbon contact will be able to talk you through accessing its features.
A digital signature is something a software publisher can use to certify that the VBA code received by you has been unaltered since it left that publisher. For example, BrightCarbon digitally sign all of our automation solutions whether they’re a macro-enabled file or an add-in. By signing a file, the old and new message bar experiences can be bypassed once the publisher has been trusted, as alluded to in step 3 of this security flowchart from Microsoft:
That’s a tricky question as Microsoft didn’t include it in their public release notes but it’s around the beta channel version 2205, build 15130. It may also have been implemented in the annual and semi-annual channels that get published after March 2022.
That’s great question and fortunately for you, Microsoft have published several articles aimed at explaining this change to various audiences:
General blog article announcing the change
The in-app “Learn More” article for users
A technical article for IT administrators
Information on Trusted Locations
Check out our PowerPoint automation service offering and get in touch to discuss your needs.
1) Although Microsoft have stated that this change does not affect add-ins we’ve seen a few cases where this isn’t true. Many add-ins are installed on Windows in this Microsoft-recommended folder:
C:\Users\Username\AppData\Roaming\Microsoft\AddIns
This folder is a Trusted Location by default. Some add-in publishers, including BrightCarbon, install their add-ins in a subfolder to make it clear who’s files belong to who. Microsoft Office considers subfolders of the above trusted folder to be untrusted by default! You can change this in the respective Office app by clicking File / Options / Trust Center / Trust Center Settings / Trusted Locations and selecting the location that ends with Addins. Then click the Modify button followed by the Subfolders checkbox in step 4 below.
Leave a commentOur comprehensive guide to password protecting PowerPoint files so your precious presentations stay just they you made them!
Understand the most significant differences between PowerPoint for Windows and PowerPoint for Mac whether you're a PowerPoint dabbler or power user.
If you've ever run or written a macro for PowerPoint, Excel or Word on a Windows PC you'll probably be familiar with the Developer tab. Move over to the Mac and you'll be able to turn on the Mac Developer tab for both Excel and Word but it simply doesn't exist for PowerPoint. Until now!
Join the BrightCarbon mailing list for monthly invites and resources
Tell me more!BrightCarbon creates compelling visuals and storylines, helping us to convey value in a fiercely competitive marketplace.
Neil Davidson Deltek
>>A change to VBA security that Microsoft rolled out at the end of March 2022
Maybe make that “that Microsoft began rolling out in April 2022”?
Still waiting for it to bite my … sensitive bits.
Thanks for creating this helpful documentation, Jamie.