Windows allows you to view folders in a "web view", complete with thumbnails of files etc. Turns out this functionality has a vulnerability. This vulnerability can be exploited remotely via an ActiveX component in Internet Explorer. And now there's public exploit code available for this vulnerability. Over the last day or so, several malicious websites have inserted such code via IFRAMEs on their site.
You can't patch your systems, as no official patch is available. Microsoft has an advisory out, explaining how you can disable the vulnerable ActiveX component via a registry change.
This thing is out there but we're really not seeing this in huge numbers.