The B variant was also found during yesterday. This is when got the first reports of these variants: - Sasser.A around 02:00 GMT on May 1st - Sasser.B around 16:00 GMT on May 1st
Both are detected by current F-Secure Antivirus updates, but the most important thing right now is to get the latest patches from Microsoft.
Sasser.B is a minor variant of Sasser.A, with identical length and functionality. The binary image looks different and the dropped filename has been changed from AVSERVE.EXE to AVSERVE2.EXE. Also the logfile name is now WIN2.LOG instead of WIN.LOG.