Microsoft recommends the following control measures where the security fix is not installed:
- Set Internet and local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones
- Configure Internet Explorer to prompt before running Active Scripting or disable Active Scripting in the Internet and local intranet security zones
- Deploy the Enhanced Mitigation Experience Toolkit (EMET)
Read more here – http://blogs.technet.com/b/msrc/archive/2013/11/11/activex-control-issue-being-addressed-in-update-tuesday.aspx