?
Solved

Enable excel macros on production server??

Posted on 2009-05-07
2
Medium Priority
?
220 Views
Last Modified: 2012-05-06
Hi Fellow experts,

I'm stuck between a client and a vendor, and I need to validate my response to this issue:

The client has a production server that runs an IIS_based health care app.
The vendor recently came out with an "enhancement" whereby a user could upload an excel file to the server, the server would then run a set of macros to process the data and further upload the resultant data to a government system.

My first reaction is "WTF, you want me to enable excel macros on a production server, AND the user uploads the excel files from their own PC????"

I asked them what if the excel file the user uploads is macro infested?   Response: "hmmmm"

Am I off-base here?  Is there a way to secure all of this that I am not aware of?
0
Comment
Question by:SunnySlacker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 13

Accepted Solution

by:
Brian Withun earned 2000 total points
ID: 24330320
You could issue digital certificates to the users who will be uploading these workbooks, and require them to be digitally signed macros.  Make sure these are real certificates, issued by a reliable certificate authorithy like Thawt or Verisign.

On the server, trust the issuing certificate authority so that Excel will run the signed macros without challenging them.

From VisualBasic: Tools > Digital Signature...

Then, nobody except your certificate holders will be able to get their macros to run on your server.

0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
New style of hardware planning for Microsoft Exchange server.
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question