A new variant of Sasser, apparently authored by one 'Bill Gate', has been spotted on European networks this afternoon.

Sasser F is virtually identical to the previous five versions of the worm, and spreads via a flaw in unpatched Windows operating systems.

The release, coming after the arrest of the chief suspect for Sasser's invention, suggests that source code for the exploit has been released or that the virus is a joint effort within a still operational team.

"To me this would suggest that the source code is out there," said Jack Clark, technology consultant at security software vendor Network Associates.

"But there could be any number of reasons. Sasser could come from a group and technically it could have been released ages ago and only just activated, although that is highly unlikely."

Once on a PC Sasser writes itself onto the drive as NAPATCH.EXE. It then attempts to connect to random IP addresses on ports 445 and 9996.

Microsoft's patch is available here.