Deployment of VSTO add-ins have always been tricky. In Office 2007 we could deploy a VSTO Add-in for All users(after the hotfix) but if the assembly is not signed with a Trusted Publisher’s Certificate, each user sees the Microsoft Office Customization Installer dialog box (also know as the trust prompt) asking them if they want to install the add-in the very first time the add-in is loaded. If they choose to install the add-in, the add-in will run and they will not be prompted again. If they choose to not install the add-in, the add-in will not load and they will continue to see this trust prompt every time they open up the Office application and the add-in tries to load.
We could also avoid the Trust Prompts by creating a Inclusion List entry on a per user basis.The Registry propagation mechanism could be used to replicate the Inclusion List registry key to HKCU hive.
If you are developing your solution with Visual Studio 2010 and targeting .NET 4, an alternative to signing with a Trusted Publisher certificate and using Inclusion List is to install the add-in into the machines Program Files location. This location needs administrative privilege to write to and will be inherently trusted by VSTO, so there will be no trust prompt. We don’t have to worry about signing with a Trusted Publisher certificate and Inclusion Lists.
If you ask me? This is the BEST change in the Office Deployment space!