Microsoft Office Tutorials and References
In Depth Information
The VSTO security model involves wide support from Trust Center in Microsoft
Office and the Visual Studio Tools for Office runtime, which helps resolve the
security issues common to VBA code. There are many disadvantages to the VBA
security model. An abundant number of viruses are easily developed using VBA
macros. To run VBA macros safely, you have to set the security to high on the user
machine, and digitally sign the code. More importantly, these operations need to be
performed manually by the user. In VSTO 3.0, the Security Model has been changed.
VSTO builds the security policy that is required to run and debug your solution on
your computer every time that you build a project. The Assemblies are signed before
publishing—this is done by Visual Studio 2008. Preferably, you obtain a certificate
from a globally-acknowledged Certificate Authority or from an internal Certificate
Authority, if the solution is only for an internal solution, and sign the manifests
using the signing properties page in Visual Studio. Later, you publish the solution
to its appropriate location.