Metasploit added an exploit for MS12-004 today. Also, threat post has an article about attackers using this vulnerability. I decided to quickly test EMET against the Metasploit version, which is currently XP SP3 only. My XP SP3 test machine was running IE 6.0.2900.5512.
With my config.xml from my previous posts, you have IE protected. When EMET is enabled, IE crashes during the exploit preventing it from completing. If you do not have EMET setup the exploit seem very reliable with IE6.
If you can not patch a system or there is a 0day out there, EMET will help protect against these types of attacks. It may be possible for attacker to bypass the protections that EMET gives you, but attackers do not seem interested at this point in implementing this level of sophistication.
If I get a chance to find the exploit mentioned in the threat post article I’ll be sure to also test it and update the post.