This evening will be another important Microsoft patch day as the software giant release vital patches US time for Windows XP.

It is expected to release critical updates to deal with holes in Internet Explorer that leave even machines with SP2 installed open to attack. Late last week, a publicly available exploit used a known but unpatched vulnerability to bypass security and caused security company Secunia to rate the situation as "extremely critical".

Another issue lets attackers display a bogus website while the address bar in Internet Explorer shows the URL of a spoofed site, as well as activate the icon indicating that the site is secured with SSL. This exploit could be used by phishers wanting to steal customers' passwords.

The vulnerabilities are severe enough for security companies to advise that users dump Internet Explorer completely and use a different browser.

Nathan Mercer, technology specialist at Microsoft New Zealand, confirmed that three patches will be released on Wednesday (NZ time). The patches will be available via Windows Update and form part of Microsoft usual monthly patch day.