http://expdev-kiuhnm.rhcloud.com/2015/05/29/emet-5-2-2/
Edited to add - this also mentions sysenter in the context of ASLR/DEP bypass exploits:
https://www.exploit-db.com/docs/17914.pdf
Edited once again - it's old, but it goes into writing shell code for 32-bit Windows that uses system calls:
http://www.piotrbania.com/all/articles/windows_syscall_shell...
I guess system call numbers change between Windows versions, so shellcode that uses system calls wouldn't be portable. The author of that last paper also says that this would drastically increase the size of the shellcode.