A series of worms that affect Windows XP and Windows 2000 and do not need e-mail attachments to be opened, are spreading rapidly.
The Sasser worms' impact is expected to peak today as home laptops are connected to office networks, with the exception of the UK, which has a May bank holiday.
Microsoft has rated the vulnerability exploited by the W32/Sasser A and Sasser B worms as critical and security experts urged all users of vulnerable systems to apply patches immediately.
"Successful exploitation of this issue could allow a remote attacker to execute malicious code on a vulnerable system, resulting in full system compromise," Microsoft said in a security bulletin.
The Sasser worm works in a similar way to last year's Blaster worm, but has not yet spread so quickly, according to Graham Cluley, senior technology consultant for security vendor Sophos. Computers infected with the worm boot up normally but then hang up or shut down when users attempt to do any work. The new worm exploits the LSASS (Local Security Authority Subsystem Service) remotely exploitable buffer overrun vulnerability first reported by Microsoft on 13 April.
The worm does not damage files and is relatively easy to remove, although concerns have been raised that information stored on an infected computer could be compromised. New variants could appear very soon, Cluley said.