What is the recommended procedure to update outdated/vulnerable Desktop Central components?

What is the recommended procedure to update outdated/vulnerable Desktop Central components?

1) X:\ManageEngine\DesktopCentral_Server\apache\bin\openssl.exe, libeay32.dll, ssleay32.dll using vulnerable version 1.0.1i instead of patched 1.0.1j. What is Desktop Central's procedure to update OpenSSL when vulnerable versions are discovered and updates to OpenSSL are released?

2) X:\ManageEngine\DesktopCentral_Server\pgsql is using an older potentially vulnerable version of PostgreSQL (9.2.4.13091) [ http://secunia.com/advisories/57974 ] and a very old and very vulnerable version of OpenSSL (1.0.1c) packaged with PostgreSQL. What is the proper procedure to upgrade PostgreSQL and the included severely outdated OpenSSL in that directory? NOTE: I checked on Postgre's site, they do offer .zip binaries here of different versions, if it's as easy as replacing files with newer versions: http://www.enterprisedb.com/products-services-training/pgbindownload

3) What is the procedure in Desktop Central to protect against the newly discovered POODLE vulnerability, as well as older SSLv3 vulnerabilities, in Apache (and any other services/components that utilize SSLv3)? In X:\ManageEngine\DesktopCentral_Server\apache\conf\httpd-ssl.conf > I have tried changing (SSLProtocol all) to (SSLProtocol -ALL +TLSv1) and (SSLProtocol +TLSv1) but the httpd-ssl.conf file keeps being overwritten/reverted back by Desktop Central. What is the procedure to make this change permenant or any other viable ways to completely disable SSLv3 from Apache as well as any other affected/vulnerable components that may use it?
      New to ADManager Plus?

        New to ADSelfService Plus?