InformationThis policy setting controls whether add-ins for the specified Office applications must be digitally signed by a trusted publisher. The recommended state for this setting is: Enabled. By default, Office applications do not check the digital signature on application add-ins before opening them. Disabling or not configuring this setting may allow an application to load a dangerous add-in. As a result, malicious code could become active on user computers or the network.
SolutionTo implement the recommended configuration state, set the following Group Policy setting to Enabled. User Configuration\Administrative Templates\Microsoft Excel 2016\Excel Options\Security\Trust Center\Require That Application Add-ins are Signed By Trusted Publisher Impact: Enabling this setting could cause disruptions for users who rely on add-ins that are not signed by trusted publishers. These users will either have to obtain signed versions of such add-ins or stop using them.