Antivirus software companies are again warning e-mail users about a new version of the popular Bagel virus, which is spreading on the internet through infected e-mail messages and targeting machines running the Microsoft Windows operating system.

Bagel.U is the 21st version of an e-mail worm that first appeared in January. Unlike earlier versions of the worm, the new variant eschews tricky subject lines or enticing messages, hiding in a file attachment to otherwise blank e-mail messages. Once opened, Bagel.U opens a back door to infected systems, mails copies of itself to e-mail addresses it steals from the user's computer and even launches the Windows Hearts card game, antivirus companies said.

Thousands of copies of the new Bagel variant was first spotted on Friday, following what is believed to be an initial e-mail "seeding" of the virus, according to iDefense, a US information technology (IT) security services company.

Citing the number of infected e-mails, Network Associates's Antivirus Emergency Response Team (AVERT) rated Bagel.U a "medium" threat. Antivirus company F-Secure of Helsinki rated the latest version of Bagel a "level 2" threat, indicating "large infections”.

As with earlier versions of the Bagel worm, the virus code is contained in an executable (.exe) format file with a randomly generated name. Users must double click on the file to open it. Also, many organisations block e-mail containing executable files from reaching users' inboxes.

Once launched, the Bagel worm installs itself on Windows systems, begins listening for instructions on communications port 4751 and connects to a website in Germany to report the identity of the infected machine to the worm's author, F-Secure reported.

Bagel is one of a series of worm families that have been plaguing e-mail users in recent months. New versions of Bagel, as well as MyDoom and Netsky have been surfacing on an almost daily basis since January, prompting a frenzy of activity among antivirus researchers who must identify and develop antidotes for each new variant.

Experts are at a loss to explain the recent proliferation of worms, though some have cited an apparent "war" between the authors of the Bagel and Netsky worms as the motivation for the release of many of the variants.

The latest is programmed to stop spreading on 1 January 2005. However, at least one antivirus expert expects many new versions of Bagel to be released in the coming weeks.

" Bagel.U will not be the last Bagel worm we see. Get ready to re-learn your ABCs as we head into the A-Z series of Bagel worms," said Ken Dunham, director of malicious code at iDefense in an e-mail statement.

Multiple, contemporary variants of the same malicious code will help the latest worms succeed in the wild, Dunham said.