Ginwui.A Backdoor

What about this new backdoor? Some internet news reports that avast doesn't find this in the current database?

see: Detailed Description

Thanks Roland

According to the German IT news site heise.de, there has been an AV test today which showed that only a few scanners were able to find all Ginwui samples. Avast!, among some other scanners, wasn't able to detect any of the samples (yet?).
You can find more details here: http://www.heise.de/newsticker/meldung/73375

Since the current means of distribution is Word docs, exercise extreme care when receiving Word docs, especially from unknown sources or if they are unexpected.

Since this also places files in the system folders and creates registry entries, I wonder if Word could be run under DropMyRights (see DropMyRights in my signature) in Windows XP, for use if you are suspicious of a Word document. This may at least limit the potential for harm.

Hi Eagle1, electronikk & DavidR,

There is an easy prevention in the form of the well-known AVX Scriptwall tool, available from here: http://www.analogx.com/
I have used this program now for years and it still is very effective. You can view the script beforehand, and then decide not to run it. Another thing: today I would not like to surf without SiteAdvisor installed.
Here you can find the technical details of this backdoor trojan dropper:
http://www.symantec.com/avcenter/venc/data/backdoor.ginwui.html

polonus

Are you sure it is AVX Scriptwall? As far as I'm aware, analogx.com do ScriptDefender.
From a Google search for AVX Scriptwall, it would appear to be from SoftWin, the Bitdefender people. However, I couldn't find Scriptwall at the softwin.ro web site.

Hi DavidR,

Thanks for the remark, slip of the keyboard while on holidays.
Of course I mean the Bitdefender version. This is the one: http://www.archive.org/details/tucows_195395_BitDefender_Script_Wall

polonus

Thanks polonus, that version is from 2000, so I’m not sure just how effective it might be now over 5 years later.

title: BitDefender Script Wall date: 2000-10-05

also
Operating Systems 98/NT/2k/Me

This is according to Tucows the only version on their site.

Why couldn’t Avast be among the first ones this time. :frowning: :cry:

Anyway, here is the link to MS Advisory about it.

http://www.microsoft.com/technet/security/advisory/919637.mspx

Here is an excerpt from the Advisory:

[b]"Use Word in Safe Mode for Home Users
Using Word in Safe Mode helps protect the affected system from attempts to exploit this vulnerability.

All versions of Word have an application recovery feature that allows running Word in Safe mode. Safe mode disables the functionality and prevents vulnerable code from being exploited. The full set of limitations can be found at: http://office.microsoft.com/en-us/assistance/HP030823931033.aspx

Word will display SAFE MODE in title if it is operating in Safe Mode.

Right-click on your Desktop

Select New/Shortcut

Select Browse.

Locate winword.exe.

Append “ /safe” (without quotes) to the end of the file location, after the quotation mark.

Click Next, Name your shortcut as “Word Safe Mode”.

Click Finish.

To open a word document, follow the steps listed below:

Save your word document to a disk or onto your desktop.

Start Word using your “Word Safe Mode” Shortcut.

Click File, click Open, then browse to the document you wish to open.

Impact of Workaround: Users that work in Safe mode will be subject to the limitations outlined in this online help page: http://office.microsoft.com/en-us/assistance/HP030823931033.aspx.[/b]

Just for information. :slight_smile:

HL
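The advisory's shortcut steps above, scripted in PowerShell as an added example (this is not code from the thread or from Microsoft); looking winword.exe up under the App Paths registry key and falling back to a Program Files search are assumptions about where Word is installed:

```powershell
# Added example: create the "Word Safe Mode" shortcut from the advisory with
# PowerShell instead of the Desktop right-click steps. The App Paths lookup and
# the Program Files fallback are assumed install locations.

function New-WordSafeModeShortcut {
    param(
        [string]$ShortcutName = 'Word Safe Mode'   # name used in the advisory
    )

    # Locate winword.exe the way Windows itself resolves it: via App Paths.
    $appPaths = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Winword.exe'
    $winword  = (Get-ItemProperty -Path $appPaths -ErrorAction SilentlyContinue).'(default)'

    if (-not $winword -or -not (Test-Path $winword)) {
        # Fallback (assumption): search both Program Files trees.
        $roots   = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
        $winword = Get-ChildItem -Path $roots -Filter 'WINWORD.EXE' -Recurse -ErrorAction SilentlyContinue |
                   Select-Object -First 1 -ExpandProperty FullName
    }
    if (-not $winword) { throw 'winword.exe not found' }

    $desktop = [Environment]::GetFolderPath('Desktop')
    $lnkPath = Join-Path $desktop "$ShortcutName.lnk"

    # WScript.Shell is the scriptable way to write a .lnk file.
    $shell = New-Object -ComObject WScript.Shell
    $lnk   = $shell.CreateShortcut($lnkPath)
    $lnk.TargetPath       = $winword
    $lnk.Arguments        = '/safe'          # the switch the advisory appends
    $lnk.WorkingDirectory = Split-Path $winword
    $lnk.Description      = 'Start Word in Safe Mode (title bar shows SAFE MODE)'
    $lnk.Save()

    return $lnkPath
}

function Test-WordSafeModeShortcut {
    param([string]$LnkPath)
    # CreateShortcut on an existing .lnk loads it; /safe must be among the arguments.
    $lnk = (New-Object -ComObject WScript.Shell).CreateShortcut($LnkPath)
    return (($lnk.Arguments -split '\s+') -contains '/safe')
}

# Create the shortcut, then confirm it really carries the /safe switch.
$created = New-WordSafeModeShortcut
"Shortcut: $created  /safe present: $(Test-WordSafeModeShortcut -LnkPath $created)"
```

Documents opened through this shortcut run under the Safe Mode limitations the advisory links to, so keep a normal Word shortcut for trusted files.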

It looks to me that it was added on 22.5.06, which is GOOD. :slight_smile: :slight_smile:

HL

Here you can find some more about security measures for Word files:
http://isc.sans.org/diary.php?storyid=1347

polonus