The arrest by German police of an 18 year-old man in connection with the Sasser worm has not stopped another variant appearing on the internet.

Microsoft said that it "commended German law enforcement for its prompt arrest relating to the Sasser worm", and that the company's antivirus reward programme investigators had worked with informants on the case during the past week.

Redmond claimed that the investigation allegedly led to information relating to all four variants of Sasser, and to the Netsky worm.

"Ultimately there were 28 variants of the Netsky worm, and German authorities are alleging that all these variants are connected to the individual arrested yesterday," Microsoft said in a statement.

Graham Cluley, senior technology consultant at Sophos, said in a statement: "If you scrutinise the most recent Netsky worm, you can see that the author embedded a taunt to antivirus companies, bragging that he also wrote the Sasser worm.

"If this is the case, this could be one of the most significant cyber-crime arrests of all time.

"The international authorities have moved fast in arresting this teenaged suspect.

"Seizing his computers could provide the vital clues which may break open the underground worm-writing network which has been responsible for the Sasser and Netsky worms."

Even so, a new variant of Sasser has already emerged since the arrest. Like the other variants, Sasser.E exploits a security gap in Microsoft Windows known as LSASS, documented in its MSO4-011 bulletin.

In addition Sasser.E has been programmed to erase variants of the Bagle worm from affected systems.

Luis Corrons, a director at Panda Software, said in a statement: "This seems to indicate that there is a kind of cyber-war being waged among the creators of Bagle, Mydoom, Netsky and Sasser, and it will continue to cause many more variants of the viruses."

Removal tools to erase the first four variants of the Sasser worm are available from Symantec Security Response here.