Why did I receive a Security Risk Warning from Microsoft?

If you downloaded on of our tools and opened it in Microsoft Excel, you may have received a Security Risk warning banner like this one:

An image of the Security Risk banner in Microsoft Excel indicating that Microsoft has blocked macros from running.

This is expected behavior from Microsoft Excel. In July 2022, Microsoft began rolling out a change to the default behavior of Office applications to block macros in files received from the internet. See Microsoft’s article here. This does not mean that the tool you obtained from F1 Analytics contains malicious code. The macros developed for our tools do not pose a risk to you, your computer, or any data stored on your computer.

What are macros and why should they be blocked? #

Microsoft Office applications include an internal programming language called Visual Basic for Applications (VBA). While applications like Excel ship with an immense amount of built in functionality, VBA allows users to write custom programs called macros that extend Excel’s capabilities to allow an incredible amount of customization and automation. For example, in the F1 Analytics Invoice Tool, all of the functions included on the F1 Analytics ribbon tab are driven by VBA macros that add, edit, save, and analyze the data entered into the tool. Similarly, the calendar widgets used to enter dates into the tool are also driven by VBA macros. These are only a few examples, but demonstrate the extensive capabilities of user-written programming through VBA macros. You can identify a macro-enabled Excel file by its file extension, which will often be .xlsm, but may also be .xlsb, .xltm, or .xlam.

It is important to note that there is nothing inherently bad with macro programs. Unfortunately, there are some bad people out there in the world who have used VBA macro programming as a way to spread computer viruses and hack into systems. Frequently, hackers may use email attachments as a way to spread malicious code to unsuspecting users. A user receiving such a fake email may believe the attachment is real, and attempt open it. Historically, the user would be prompted to enable macros which, when enabled, would execute code to download a virus from an external site or perform other invasive actions.

Because of the risk associated with macros and their use by hackers to target systems worldwide, Microsoft and the broader IT security community agree that disabling macros as the default setting for Office applications is the safest strategy. We at F1 Analytics agree with this approach.

How do I unblock a tool I received from F1 Analytics? #

The easiest way to unblock the macros in an Excel file downloaded from a trusted source is to right-click on the file, and click on Properties as shown in the image.

An image of the context menu opened after right-clicking on a macro-enabled Excel file with the .xlsm file extension.

The Properties dialog box will open, as shown in the image. At the bottom of the General tab, you will find a Security notice indicating the file came from another computer and might be blocked.

Next to the Security notice is a checkbox labeled “Unblock”. Checking this box will remove the default Office block on the file and allow you to use it as intended.

An image showing the Properties dialog box with a red box around the security notice about blocking macros, and the checkbox to unblock the file and allow normal use.

Why do I still see warnings after I unblock a file? #

You may open a file and find that Excel opens the file in Protected View, with a yellow banner below the ribbon (see image below). Protected View is a read-only mode that is used to reduce the risk of malicious code running. See Microsoft’s article about Protected View here. If a file from F1 Analytics opens in Protected View, you will need to click on the button to Enable Editing in order to use the tool as intended.

Even after unblocking a file, you may open the file and see the following Security Warning in a yellow banner below the ribbon (see image below). Again, this is a security precaution to prevent malicious code from running when the file is opened. If the file was received from a trusted source, then click on the Enable Content button to allow macros to run and continue using the file normally.

If a file from F1 Analytics opens with this Security Warning, you will need to click on the Enable Content button to use the tool as intended.

Scroll to Top