Microsoft has revised its security bulletin for MS15-009/KB 3034682 and added advice directed particularly at users who install updates manually.
MS15-009/KB 3034682 is a typical gargantuan Internet Explorer patches that plugs "one publicly disclosed and forty privately reported vulnerabilities."
While the complex set of patches covered by MS15-009 haven't changed, the security bulletin now advises:
Systems running Internet Explorer 9, Internet Explorer 10, or Internet Explorer 11 will not be fully protected until you have installed both security update 3021952 and the updates for the vulnerability described in Security Advisory 3009008.
If you use Windows Update, Windows Server Update Services (WSUS), or Microsoft Update Catalog to install updates, security update 3021952 will install first. After your system reboots, check for updates again in Windows Update to obtain and install update 3034196.
If you download and install updates manually, you must first install security update 3021952 before installing update 3034196. Failure to install 3021952 before 3034196 can lead to degraded page rendering.
In practical terms, if you're updating Windows through Windows Update -- manually, without automatic updates -- you should check Windows Update a second time, after you've gone through the initial update, and reboot. There may be another patch waiting for you. If you've already applied the February patches using Windows Update, take a minute to go back and make sure there isn't a lingering KB 3034196 sitting in the hopper.
If you're updating machines through WSUS servers, you have to allow for the possibility that those machines will get knocked out twice. Oh boy.
If you have Windows Automatic Update turned on, both patches will install all by themselves, but that's the least of your worries.