A Trojan horse posing as a rich text Word document is exploiting a Microsoft Word flaw that was discovered over a month ago.

Anti-virus experts have warned that the Goga Trojan is capable of sending out user information, such as logins and passwords, from an infected machine.

The virus appears as a Rich Text Format (RTF) Word document which, when opened, exploits a flaw in Word's security.

The rich text document contains a link to a Russian website, which features a malicious macro code that executes a small utility in the RTF file's binary section.

This utility searches the computer and dumps internet access information into a text file which the macro script publishes into a publicly accessible guest book on the website.

The virus author, or anybody for that matter, can then browse the guest book to access the stolen information.

Kaspersky Labs said the best form of defence against this virus is to download the Microsoft Word patch available here, which closes the security gap that allows the macro to work.