Criminal hackers have begun trying to do to a Microsoft plug and play vulnerability what Sasser did to systems worldwide.

This one doesn’t spread through email; instead the Zotob worms target a vulnerability in the Windows operating system and can spread from machine to machine across a LAN or the Internet.

According to security firm Sophos, two versions of the Zotob worms began circulating over the weekend. Microsoft had released a patch for the flaw on August 9th as part of its monthly security bulletins, known among administrators as “Patch Tuesday.”

There won’t be any lobbying for Patch Tuesday to be a holiday any time soon. The Zotob worms pose a threat similar to the Sasser worm, which circulated globally last year, affected thousands of systems and millions of users, and only garnered a slap on the wrist for its creator.

After infecting a machine that has not patched the plug and play hole, the worm opens a backdoor in the system, which would permit unauthorized remote access. Zotob then tries to spread itself to other machines.

Users of Windows versions 2000, XP, and 2003 should visit Microsoft’s web site and obtain a patch if they have not done so already. According to a Sophos statement, similar worms may soon be created: “We wouldn’t be surprised if more worms were released which exploited this security hole in Microsoft’s software,” said Graham Cluley, senior technology consultant for Sophos.

David Utter is a staff writer for Murdok covering technology and business. Email him here.