The worm, which targets the more recent versions of Microsoft Windows, including Windows XP and Windows 2000, was first reported on 1st May. It is designed to attack a known vulnerability in the operating system - a patch for which was released by Microsoft on 13th April.
Users of earlier versions of the Windows software are not completely in the clear, however. According to experts, they may still spread the virus, even if not affected by it.
Sasser spread slowly after its initial release, but a series of variants has seen infection rates rise rapidly. Experts are unable to say how many machines have been infected so far, but it could be as many as one million.
The worm spreads by means of the internet, and does not rely on a user opening an attachment in an e-mail; rather, the worm infects an unprotected machine simply by its connection to the internet. Once infected, the PC may continually crash and reboot, while the worm uses the machine as a base from which to infect other PCs.
"The Sasser worm spreads in a similar way to last year's serious Blaster outbreak - it travels via the internet, exploiting security holes in Microsoft's software and doesn't rely on e-mail," said Graham Cluley, senior technology consultant for security firm Sophos. "Computers which are not properly protected with anti-virus updates, firewalls and Microsoft's security patch are asking for trouble."
The worm has exploited security flaws at the UK Maritime and Coastguard Agency, which yesterday admitted that its systems had been hit by the worm. The agency stressed that search and rescue work had not been affected.
The patch can be downloaded from the Microsoft website.