Unfortunately bouncing the box didn't resolve the issue. I agree with your statement on the risk. The potential data loss her is minimal and was looking for aquick fix in waiting for McAfee to deliver an approved solution.
Interesting that you got those results. We replaced the .exe and dll on a few of our ePO boxes as a test, then rebooted them and rescanned with updated Nexpose (they updated the signatures for this again today) and scan clean for CVE-2014-0160. After seeing your post I also checked our public ones against http://filippo.io/Heartbleed/ and it also reports them as clean.
After doing the file replacement as mentioned before, our security team scanned the server and it came back clean. Note: you must use the 32 bit version of 1.0.1g not the 64 bit version. When I tried at first with 64 bit it did not work. Had to use the 32 bit binaries.
Unlikely to get a 'official' confirmation of the impacted status until a patch is ready. Nature of the beast
Recommend contextual risk assessment and action appropriate to your envrionment.
Hey everyone, I'll try to simplify the steps for you all:
The only problem with the provided HF (thank you by the way); only problem so far is that it will not install n FIPS enabled servers. Log file indicates FIPS is not compatible.