Found this info reading AskWoody.com DefCon 4, posts. http://www.askwoody.com/2015/ms-defcon-4-get-windows-and-office-patched-but-watch-out-for-kylo-ren/#comments. Here is link from Woody's post. You can read the blogs regarding this at the above address.
woody says:
Start here… https://technet.microsoft.com/en-us/library/security/ms15-124.aspx#Fix_6161
According to posts,evidently the last IE11 security patch KB3104002 does not provide ASLR Bypass (Address Space Layout Randomization) protection with latest IE patch KB3104002. Microsoft has issued an easy fixit KB3125869 (see MS15-124). Woody provides a link to the "easy fixit" KB3125869 (MS15-124). Apparently Susan Bradley's website warns that using Chrome or FireFox will not lower the risk and she also recommends applying the fix as she did to her computers. Sorry, I do not have her link...I read this at Ask Woody's website. I applied the easy fixit today to my laptop and then rebooted Internet Explorer. No ill effects that I can see. It took IE a few seconds to open the main page after I rebooted it but it is functioning well with no issues noted. I do not use IE but based on Susan Bradley's advice about other browers being at risk, I applied the fix, with the attitude better to be safe than sorry.
The link provided in Woody's (see above) post takes you to MS easy fixit instructions for Windows 7, 8, 8.1, 10. There is also a disable download button in case the easy fixit causes issues.
It's scary to think the MS issues a fixit for a high vulnerability and its not wide spread knowledge unless you happen to read MS15-124. I have to believe the majority of home users do not follow update releases all that closely so they don't know about this needed fix and think just by applying IE11 patch KB3104002 protects them. Enough to make one go crazy.
Happy New Year!
T4L