Update: Microsoft has issued a “Fix it” for this issue. A offical patch should be in place tomorrow 21-Sept-2012.
A new IE zero-day is out and is available from Metasploit. I needed to find out if EMET would protect against this. My two platforms I tested on were Windows 7 (Full patched) and Windows XP SP3 (fresh install) with IE 7. I tested EMET 3.0 and EMET 2.1 to make sure that both versions prevented the exploit.
The Metasploit exploit worked flawlessly on Windows 7. I then enabled EMET and added the IE executable to the protected programs. With both versions of EMET prevented the exploit. The odd thing is that EMET 3.0 is suppose to generate a pop-up and create an event log when it catches an exploit. It did not notify me during any of my tests. On Windows XP SP3 with IE 7, as expected, the exploit worked when EMET was not configured. Once setup to protect IE, the exploit failed to run.
While having individual users at home switch to another browser (e.g. Chrome) make sense, for large cooperate environments deploying EMET will give you a stop gap for many of the exploits that we see.