First off, the hotfix did absolutely nothing, so, I wouldn't bother with it. What I did was open computer management on the webserver, noted under the Default web site, which virtual directories under there were allowing anonymous access using the IUSR account. Then, I changed the IUSR password under local users and groups in computer management. I then went back into each virtual directory in IIS which used IUSR anonymous access and reset the password under the directory security tab, authentication and access control, edit.
OUILA! It worked. Why the hell it broke in the first place, I don't know. Where is Microsoft on this? Nothing to be found on their site whatsoever.
Good luck, hope it works for you.