Brian Prince at eWeek.com has a slide show analyzing the anatomy the back door in Internet Explorer 6 that allowed the attack on services in China. He has some interesting facts:
* Microsoft apparently has known about the vulnerability since September. (Bad PR for Microsoft to wait until Google pointed it out before letting on about it.)
* A "memory corruption" in IE6 allows attacker to remotely execute code.
* The malware used in the attack is a Trojan Horse called Hydraq. It has also been used against some Adobe Systems products.
* Social Networks like Facebook can be used to trick people into giving up info that helps the attackers.
* Evidence that the attack originated in China is "relatively scant."
This whole episode shows that you shouldn't use old versions like IE6. IE8 is now the current version. Were people at Google using IE6, or was it just people using Google products that stuck with the old browser? Personally, I use Chrome.