Microsoft states that this MAY help.

I don't have a MS server with IIS installed, but I would be very interested if the exploit check from the OP would be negative with kernel caching disabled. Anyone care to test this?

I get the HTTP 416 on windows 8.1 + iis 8.5 unpatched even after turning kernel caching off and restarting iis. Even after rebooting.

416 is the correct error code to return in this situation... that's what you want to see.