LOL... Macros are in general disabled in Office by default, I guess it's widely known that this is dangerous to enable it. To suggest to enable signatures as a workaround is not really smart because that is also fakable. I would better not use it or if it's really necessary because you're on a business environment then you should look for alternatives or completely make the switchover to enum or constant T (within e.g. C++). The thing is that macros are not debuggable, it can lead in side effects (like malware/performance), they usually not having any namespace and many more.
I though Macro-running was automatic So these Macros run in Word? Hm. Maybe Microsoft could set Word to automatically accept only trusted Macros. I mean, they know Word is vulnerable, so why not?
Macros by default are disabled in all the latter versions of Word. In a business environment, you would use Group Policy to ensure that they could not be user enabled. However, there are business environments that do use macros for daily operations ....................
Let macros die.... .... Reminds me on several win2k/xp macro related attacks ... oohhh the time ... PS: Locky also comes with Javascript (or some versions of them), so ensure you enabled noScript and only use whitelist. But from what I know all AV's even defender got already updates to detect it, so should be no problem (for now). ... ... what's next new activex attacks .....
