Access 2003 Macro Security Levels, Sandbox Mode, and Digitally Signed Files Tim Gordon [email protected] Programming Plus (816) 333-7357 About dangerous code Dangerous code can consist of powerful commands that may exist in an Access file you open — in its objects (such as queries, forms, reports, and macros), and also in its Microsoft Visual Basic for Applications (VBA) modules. You can prevent some potentially dangerous code from running by running Access in sandbox mode, which is strongly recommended. How the macro security level works Access features three different macro security levels that control what happens when you first try to open a database file, and what can then happen while you have that database open. These levels are High, Medium, and Low: · At the High macro security level, Access prevents you from opening any file unless it is digitally signed. · At the Medium macro security level, Access prompts you with a message when you first open a file. This message warns you that the file could contain code that might damage your computer or data, and gives you the choice of either opening the file or not. The file may or may not have a digital signature. If you decide not to open the file, you can choose to scan it for viruses, check with the originator of the file (that is, the person or company that created or changed it) to verify that it is safe, and then open it later. · At the Low macro security level, Access allows you to open any database file without being prompted. It is strongly recommended that you never use the Low macro security level. The macro security level for each Microsoft Office program is independent of all other Office programs. So, for example, if you set the macro security level to Medium in Access and the macro security level is already set to High in Microsoft Word, the security level for Word won't change. Depending on your work environment, you will choose one of the three macro security levels for yourself. In Access, it is recommended that you choose High. If you need to work with unsigned files from other sources, you can use the Medium macro security level to do that; however, you should always examine such files and sources carefully before choosing to enable any macros, and change back to High when you no longer need to use the Medium level. If you use only your own files in Access, you should self sign your own files and use the High macro security level. What to do if you don't see the Security command To change your macro security level in Access, you'll need to use the Security command (Tools menu, Macro submenu). However, this and other commands may have been made unavailable by your organization's Office administrator. Note You may want to check with your Office administrator before attempting this procedure. Certain commands, such as the ability to change macro security levels, may have been made unavailable as part of your organization's security policy. To make the Security command available 1. On the Tools menu, click Customize, and then click the Commands tab. 2. Click Rearrange Commands, click Menu Bar, and then in the Menu Bar box, click Tools | Macro. 3. Under Controls, click the Add button. The Add Command dialog box appears. 4. In the Categories list, click Tools. 5. In the Commands list, click Security, and then click OK. The Security command now appears in the Controls list. 6. Use the Move Up and Move Down buttons to position the Security command where you want. 7. Click Close twice. Access sandbox mode For an additional layer of safety while working in Access, you can run the program in sandbox mode. What is sandbox mode? Simply put, running in sandbox mode helps ensure that any potentially dangerous commands that could be run from an Access expression will be blocked. Access is "playing safely in a sandbox," so to speak, and is not being allowed to hurt anything outside its domain. How sandbox mode protects your computer In Access, it's possible to run dangerous VBA code in expressions — strings of instructions that Access can use to perform operations on your database. These expressions can include commands and properties that could delete files, change file attributes, start other programs, change Access settings, or change environment settings (for example, the PATH statement) on your computer. Running Access in sandbox mode helps prevent dangerous code from being run in expressions. Important Code in a module or macro cannot be disabled by sandbox mode. To prevent macros or VBA code from being run in Access or to safely remove such code from your database altogether, you can do one or both of the following: Remove the macros or the modules that contain the code, or disconnect the modules that contain code connected to the database objects. Take care to ensure that you don't inadvertently remove functionality from your forms, reports, and other database objects. Functions and properties that are blocked in sandbox mode HTTP://SUPPORT.MICROSOFT.COM/DEFAULT.ASPX?SCID=KB;EN-US;294698&PRODUCT=ACC and HTTP://OFFICE.MICROSOFT.COM/EN-US/ASSISTANCE/HP010447361033.ASPX How do you identify and fix functions and properties that are blocked in sandbox mode so that your database continues to function properly? If you have Microsoft Office Access 2003 Developer Extensions installed, you can use the Custom Startup Wizard to search for all the expressions that are blocked in sandbox mode. The Custom Startup Wizard helps you create new databases with custom startup options based on a development database, but it also provides an option to find the expressions that are blocked in sandbox mode. For more information on how to identify and fix unsafe expressions, see: Frequently asked questions about Access security warnings, Question 19 HTTP://OFFICE.MICROSOFT.COM/EN-US/ASSISTANCE/HA011225981033.ASPX#190 Access 2003 Developer Extensions are part of the new Visual Studio Tools for the Microsoft Office System software package. Visual Studio Tools for the Microsoft Office System HTTP://MSDN.MICROSOFT.COM/HOWTOBUY/VSTO/DEFAULT.ASPX Visual Studio Tools for the Microsoft Office System Version Upgrade $199 US Estimated Price $499 US The Jet 4.0 Service Pack 8 update To run Access in sandbox mode, you must first install the Service Pack 8 (SP8) update for Microsoft Jet 4.0 — a program that Access uses behind the scenes for many of its operations, such as running queries and updates. At any time, go to Microsoft.com, click Windows Update in the left column, and then install all high-priority and critical Windows updates. Before you do this, you first may be able to determine if the Jet 4.0 SP8 update has already been installed on your computer by looking in the Add or Remove Programs section of Control Panel. If you have installed the Service Pack 2 (SP2) update for Windows XP, at the top of the Add or Remove Programs window, make sure that the Show updates check box is selected. If you find the Windows Hotfix KB837001 or KB829558, the Jet 4.0 SP8 update has been installed. You should still install all critical and high-priority Windows updates, however. Important This update to the Jet engine is a vital part of security in Access and should be installed for every computer that runs Access. In fact, it's part of the Windows critical updates. Note In order to install the Jet 4.0 SP8 update, you must have Administrators permissions on your computer. See your Office administrator for more details. What happens if you enable sandbox mode without installing the latest Jet service pack? Under these circumstances, several Access features will not work properly. These features were not installed or are not enabled because the latest version of the Jet service pack is required for Access to be in sandbox mode, yet retain its full functionality. The following is a list of things that might not work properly if you enable sandbox mode before installing the latest Jet service pack: · Wizards may not start. · Switchboards created by using the Switchboard Manager won't function properly. · You can't use the RunCode macro action to call a Visual Basic for Applications (VBA) procedure. · Event handlers that call VBA procedures won't function. · VBA procedures that are called from a property sheet or used in an SQL statement won't function. · The following VBA functions won't work when called from a property sheet or used in an SQL statement: · FormatCurrency · FormatDateTime · FormatNumber · FormatPercent · InStrB · InStrRev · MonthName · Replace · StrReverse · WeekDayName After you have installed the Jet update When you start Access for the first time after installing the Jet 4.0 SP8 update, and Access is set to either the Medium or High macro security level, you will see the message shown above. What does this message mean? Simple — click Yes to block unsafe expressions and run Access in sandbox mode. Assuming that you are running Access at the High or Medium macro security level, you're all set — and you should not see any more messages about sandbox mode, unless you change the macro security level and then explicitly choose to allow blocked expressions. If your macro security level is set to Low, you won't be prompted about blocking unsafe expressions when you start Access for the first time after installing the Jet update. Only when you change the macro security level to Medium or High will you see the message shown above. Change your macro security level to Medium or High, and then click Yes to block unsafe expressions.