LONDON (Reuters) - The rapidly evolving "Sasser" computer worm tore across the Internet Tuesday, hitting corporate and home computers and stoking fears worse may be to come.

First detected over the weekend, the worm has already infected, by some estimates, over one million PCs. Among its victims are banks, travel-booking systems, European Commission offices and Britain's 19 Coastguard stations.

"We've had to go back to plotting on paper charts rather than using the computer mapping system," said a UK Maritime and Coastguard spokeswoman.

Search and rescue operations however have not been affected since Sasser first attacked its computers Tuesday.

Unlike previous Internet worms, Sasser infects vulnerable PCs without any action by the user like opening attachments, allowing it to spread very quickly.

Home users would likely first notice an infection if their computer mysteriously rebooted or their Internet connection slowed dramatically.

Security experts were warning users to update their PCs with the latest Microsoft patches and to install a firewall to keep out future infections.

With businesses throughout parts of Europe returning from the long holiday weekend Tuesday, anti-virus technicians were expecting a new wave of infections.

"It's still going steady. It will be a big problem for a day or two, then it will linger on the Internet for weeks, and likely years," said Mikko Hypponen, Anti-Virus Research Director at Finnish data security firm F-Secure.

WHERE NEXT?

Security experts are analyzing the worm to determine where Sasser might hit next.

"We don't know yet, for example, if it attacks machines running on Windows XP Embedded, which runs ATM machines and cash registers. That would be disastrous for banks and retailers," said Raimund Genes, European president of security software firm Trend Micro.

In the space of three days, four variants have emerged, each capable of causing machines that run on Microsoft's Windows operating systems XP, NT and 2000 to reboot without warning and knocking out some computer reservation systems.

Victims include Goldman Sachs, Australia's Westpac Bank and Finnish financial company Sampo. It has also hit about 300,000 computers at Germany's Deutsche Post.

Staff were temporarily unable to issue cash over the counter as a result, German media reported, while a European Commission spokesman said Sasser hit 1,200 PCs Monday.

"We had big problems yesterday," the EC spokesman said.

Sasser attacks an exploit in Windows known as the Local Security Authority Subsystem Service, or LSASS, which had been targeted in a Microsoft security update released on April 13.

F-Secure's Hypponen said the emergence of a related e-mail virus Monday called Netsky.AC may hold clues to the authorship of Sasser. Netsky.AC carries an attachment purporting to fix Sasser infections.