WebViewFolderIcon ActiveX Control Buffer Overflow

Our HTTP scanner detected the IESlice.d virus when a user browsed to hxxp://81.177.23.253/pefwji/2_z.html this evening. Not sure where the user was surfing that they were directed there.
The IP address is Russian. The exploit appears to be for MS06-057.