1. Kaseya
  2. VSA
  3. Release Notes

9.5.23 Feature Release - 4th July, 2025

The VSA 9.5.23 feature release (build 9.5.23.7286) includes enhancements and fixes described in the following sections. For minimum system and agent requirements, refer to Kaseya Server Minimum Requirements & Configuration and Agent Minimum Requirements.

Release schedule

  • SaaS deployment started: Saturday, July 5th, 2025
  • SaaS deployment completed: Saturday, August 2nd, 2025
  • General Availability (on-premises customers): Thursday, August 7th, 2025

Note: SaaS customers will be informed of their maintenance window via status.kaseya.com.

Dates are subject to change at short notice. On-premises customers are advised to check this page again before attempting an upgrade.

Last Update: Aug 1st, 2025 - New build updated from build 9.5.23.7261 to 9.5.23.7286.

Important security update

This release includes important security updates. We recommend that on-premises customers upgrade as soon as possible after the General Availability (GA) release date. (No action is required for SaaS customers, as updates are automatically applied).

Dependencies

Agent

This release requires agent version 9.5.0.48. After upgrading from an earlier VSA version, you must update your Windows, macOS, and Linux agents using the automatic or manual update process from the agent module.

Note: this version cannot be installed to some End-of-Life macOS versions. Please reference the "Updates to macOS and Linux agent supported versions" section below for further details.
Live Connect Application When starting a Live Connect or Remote Control session for the first time after installing this release, you will be prompted with a link to download the latest Live Connect build. You must complete the installation before proceeding with the session.
Software Management

This release includes updates to the Software Management client code. Each managed machine will download 120 MB of file updates during the first patch scan or deployment cycle after installing the VSA update. The files will be sourced from the VSA server or a peer endpoint machine on the local network that already has the files. Recommendations to mitigate the impact on network bandwidth:

  • Use distribution windows in scan and deployment profiles to avoid excessive concurrent downloads.
  • On larger networks, schedule a patch scan on a small selection of endpoints in advance of the main scan and deployment windows to leverage peer-to-peer file transfer and reduce the impact on internet bandwidth.

 

Support policy for prior releases

Kaseya recommends that customers update their environments to the latest patch release as soon as possible after the GA release date.

Our policy is to provide support for the current GA release, one prior Feature Release, and any interim Maintenance Releases. After the 9.5.23 GA date stated in the release schedule, the minimum supported version will be the 9.5.22 Feature Release.

Product lifecycle updates

Live Connect

As previously announced in the 9.5.22 release notes, starting with this release, the Live Connect technician application can no longer be installed on 32-bit versions of Windows. Note: this does not impact agent support for 32-bit Windows versions. 

REST API

As previously announced in the 9.5.22 release notes, the following v1.0 endpoints have been fully or partially removed from this release. Customers and 3rd-party integrators must migrate to the equivalent v2.0 endpoints to ensure compatibility with v9.5.23 and later VSA releases.

v1.0 Endpoint (deprecated) v2.0 Endpoint Notes
POST api/v1.0/authsso POST api/v2.0/auth/authsso The v1.0 endpoint has been removed in v9.5.23.
GET api/v1.0/auth (with 2FA passcode) POST api/v2.0/auth/auth-2fa GET api/v1.0/auth should still be used when authenticating with a personal access token (PAT).

 

Endpoint Protection

Updated Ransomware Detection engine to v1.5.1.0.

  • all newly deployed Ransomware Detection clients will get the new version.
  • existing protected agents will be flagged as "upgrade available" on the Endpoint Protection > Operations > Machines page (Ransomware Detection tab). Use the Upgrade button to deploy it.
  • this update does not apply to agents with Ransomware Detection managed using the Datto EDR platform and integration.

 

3rd-Party Software 2.0: May updates

Discontinued titles

  • Skype
  • Java(TM) SE Development Kit 8 (64-bit)
  • Java(TM) SE Development Kit 8 (32-bit)

NOTE: Java updates are available only on the Oracle website for registered users.

Refer to VSA 9 Software Management application catalog.

 

Release features

Update to VSA server installation wizard

Updated the VSA server installer (kinstall.exe) so that the “Upgrade VSA to version available and install addons“ option will only be displayed if the currently installed version is 9.4.x or earlier. When updating from an earlier 9.5.x version, the "Install Latest Patch Release or addons" option should be used.

Software Management process improvements

The Software Management client download process has been improved, reducing the network bandwidth usage when downloading updates to devices. 

 

Bug fixes and other improvements

Agent App

  • Updated copyright information and removed an outdated link from the About Agent page in the agent's system tray application.

Agent Procedures

  • Fixed an issue where referencing the agent secure working directory using the database variable: #vAgentConfiguration.agentTempSecureDir# would return an incorrectly formatted file path, which could cause certain shell commands to fail.
  • Fixed an issue where procedures with an ImpersonateUser statement would fail under certain circumstances despite using valid credentials.

Audit

  • Fixed an issue where bulk editing a custom field affected all endpoints instead of just the selected ones.

Authentication

  • Fixed an issue where the Sign in with Microsoft login button was not displayed on the login page, preventing SSO authentication using Microsoft credentials.

Remote Control

  • Fixed an issue where technicians using Windows 11 machines were unable to connect to endpoints using Native RDP through Live Connect.

Logs

  • Fixed an issue where the Log Archive process was unable to remove and archive outdated logs.
  • With this release, Login failure messages in System Log will now include the originating IP address.

Patch Management

  • Fixed an issue with applying weekly patch schedules, where the schedule would sometimes start on the wrong date when policy applied to new endpoints.

Policy Management

  • Fixed an issue where Event Log policy objects fail to be applied when the associated view targets specific endpoints.
  • Fixed an issue where the schedule dialogue window displays the incorrect time zone offset when editing existing schedules in a policy.

Software Management

  • Fixed an issue where ad-hoc scans would fail if no third-party profile was assigned when using the OS Native patch engine.
  • Fixed an issue where scheduling an ad-hoc patch scan removes the Next Scan Date set by a scheduled scan profile from the Software Management > Management > Machines page.
  • Fixed an issue where 3rd party support could not be enabled on some machines.
  • Fixed an issue where users had visibility of Override Profiles outside their assigned scope, despite the Private Profiles option being enabled.
  • Fixed an issue where pre-update procedures were incorrectly executed during a defined blackout window.

System Module

  • Fixed a rare case where policies couldn't be assigned because an associated view returned duplicated agent records.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section