The flyers were fake parking violation notices, and instructed people to visit a website (which SANS did not publicize). Once they visited the website, they were infected with a malicious browser helper object.
From the post:
"The initial program installed itself as a browser helper object (BHO) for Internet Exploter that downloaded a component from childhe.com and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware securityscan.com and protectionsoft warecheck.com."
Interesting - I've never heard of windshields as an attack vector.
This blog, Infection began with a windscreen flyer, was originally posted on ZDNet.co.uk.