Researchers at Kaspersky Lab said the exploit for the latest Adobe Flash zero day is a password-grabbing Trojan targeting users in China. The attacks appear to be an isolated campaign and there is no connection between these exploits and a new advanced espionage campaign called The Mask. Adobe issued an emergency patch for the zero-day yesterday; CVE-2014-0497 allows an exploit to remotely inject code and control the underlying system hosting the vulnerable software. The malicious files have titles written in Korean and were found on three computers, one in an email attachment opened on a Mac OS X machine, and two in the browser cache of a Windows 7 machine.
Source: https://threatpost.com/details-emerge-on-latest-adobe-flash-zero-day-exploit/104068/