So that is just the results of the last scan. Unfortunately Intel doesn’t pop the Exposed/Vulnerable information into the registry – you only get that information from the command line output.
You will need to re-run the scan periodically to capture newly vulnerable/exposed machines as well as patched/remediated machines.
This Fixlet runs the tool with command line output, gathers the vulnerable/exposed result into the registry, and makes that info available for the analysis. For this reason just running the original tool isn’t enough to pull the data into BigFix.
The Tool itself just puts the versions of the components and service states into the registry – if someone knows the exact combo of components and service states that yield exposed and vulnerable then we can start using the output from the original tool