This is a brand new signature, that I have not seen before, with little info available, other than a few lines in Cisco MySDN.
It states that;
"This signature fires upon detecting an Internet Explorer Zone Bypass exploit, using Media Player to silently execute a Windows Media Advanced Systems Format (ASF) file in the Local Zone of the vulnerable system.
IOS not supported.
There are no known benign triggers".
I have tried researching the normal channels, google, MySDN and this forum.
Has anyone got any additional info about the cause and efect of this alert?