The sensor can automatically pull updates from a server using ftp or scp. You have to provide the server and manually copy update files to it from the cisco CCO site first. Then configure the sensor for autoupdates.
To configure auto updates using cli:
conf t
ser host
optionalAutoUpgrade
active auto
auto
(provide user/pw/serverIp/serverDirectory/fileProtocol)
schedule
act
(provide params for cal or hourly updates)
Yes, there is a signature update that catches the cisco IOS vulnerability: IDS-sig-4.1-1-S48.rpm.pkg