VSA 10: Version 10.17 release notes

NOTE During release deployment, all active web application sessions will be disconnected, and customers will need to log in again at the beginning of the maintenance window. SaaS customers will be informed of their maintenance window via status.kaseya.com.

Schedule*

Region	Date	Starting Time (EST)
APAC	April 8, 2025	12:00
EMEA	April 10, 2025	15:00
US	April 15, 2025	21:00
On-Premises	May 6, 2025	12:00

NOTE *The schedule is subject to change. Please check the Status page for regular updates. When changes are made to the original schedule, those changes are denoted in red.

In this release, agents will be updated to version 10.17. Some features will only be available once the agent has been updated. For each tenant, agents are programmed to automatically, randomly update within a 36 hour window following the release deployment. A device's agent version can be viewed and can be manually updated by navigating to Device Details > Software > Agent Version.

The agent version for this release is 10.17.

Key feature enhancements

Patch Management

The Patch Status page has been enhanced to show the progress of deployment for each patch, based on its relevant devices. There are four patch statuses, which are also now available to filter by:
- Deployed: The patch has been successfully deployed.
- Reboot Pending: The patch has been deployed but requires a reboot to complete the installation.
- Failed: The patch has failed to deploy.
- Deployment Pending: The patch is available but has not yet been deployed.
The Patch Management > Patch Status page has been enhanced to show detailed information for each patch in a slide-out Patch Card. The detail presented is an aggregate of useful data, including information about the patch and its deployment progress.
Improvements have been made to patch management to ensure compatibility with Windows Server 2025.

Background file transfer

Technicians can now transfer files and folders to and from Windows, macOS and Linux devices directly from the device card storage browser, without requiring a remote desktop session or interrupting the end user. They can also delete files from the remote device.

New actions added for bulk operations:
- Upload Files: Select multiple files or a single folder on the technician’s local machine for upload to the currently selected folder on the remote device.
- Download Files: Enables selection of one or more files and/or folders from the currently selected folder on the remote device. Click the Download button in the top panel of the device card to initiate the action. If multiple files or a single folder is selected, the content will be downloaded as a ZIP file.
- Delete Files: Enables selection of one or more files and/or folders from the currently selected folder on the remote device. Click the Delete button in the top panel of the device card to initiate the action.
When clicking directly on an individual file from the content area without using bulk actions, a prompt will be displayed with options to download or delete the file.
Upload and download functions are enabled for all devices with Storage enabled in a System Details device configuration profile. The delete function also requires a File Browser device configuration profile with the Enable File Delete option enabled.
File operations are recorded in the Audit Log with the File Transfer category.

For more information, refer to Background File Transfer.

Webroot Integration

We're pleased to announce a new Webroot integration in VSA 10 via the Technology Alliance Partner (TAP) Program. This release delivers seamless OAuth-based connectivity between VSA 10 and Webroot, enabling automation content, enhanced visibility, and real-time notifications from Webroot endpoints, all directly within your VSA environment. For more information, refer to Enable the Webroot integration.

API v3 enhancements

VSA 10 now offers a new REST API endpoint that allows customers to retrieve a complete list of audit log records from their tenant, securely and programmatically.

Device Management

Device filtering has been updated to include Windows Server 2025 where applicable.
Device filtering has been updated to include macOS 15 where applicable.

Workflows

A workflow trigger for the Monitored Service is missing event has been added that triggers when a service that is being monitored does not exist on the target device.
Added support for the following workflow actions on macOS and Linux devices:
- Write File
- Get Device Value:
  - Get CPU Architecture
  - Is OS 64-Bit
  - Working Directory
  - File Content
  - File Size
  - File Contains
  - File Last Modified.

Integrations

Apple MDM

Apple MDM connectors are now grouped by organization in Integrations > Connectors.
This update introduces support for Apps and Books profiles on iOS and iPadOS devices in the Apple MDM Applications profile. This enables the silent installation of applications without needing an Apple ID on the device. Additionally, it can be utilized to install applications on devices that have a Managed Apple ID.
With this release, when an MDM enrolled device is deleted in UI, the system automatically unenrolls it from MDM and erases all managed data associated with that device (managed applications and profiles).
The Privacy Preferences Policy Control configuration builder in the Apple MDM Security profile has been fixed, and unnecessary fields for services have been hidden. This resolved an issue where the policy was not able to be applied to devices and gave the key 'Authorization and Allowed' is not allowed as an error.

NOTE To update existing Apple MDM Security profiles with Privacy Preferences Policy Control configurations, open the profiles and save them.

Fixes

Apple MDM

Resolved an issue that caused an infinite loop when applying a configuration profile after a tenant ran out of available mobile licenses.

Automation

Resolved an issue where admin users were unable to delete files from the Managed Files section regardless of ownership, now allowing deletion while displaying the appropriate message if the file is in use by one or more workflows.

Device Management

Resolved an issue where selected devices were not being retained if selecting devices from multiple pages in the same view.
Resolved an issue where macOS 15 devices were not able to accept commands initiated by users on the device details pane.
Resolved an issue where the Wake Up command was not working on devices configured for Wake-on-LAN.

Integrations

Resolved an issue where customers with a large number of agents encountered a Something went wrong error when attempting to map VSA 10 organizations to existing Autotask companies. The lookup and loading process has been optimized to prevent browser timeouts and ensure the mapping UI loads reliably.
Resolved an issue where hardware assets in PSA (BMS/Vorex) remained active even after the corresponding devices were deleted from RMM. Device deletions in RMM now properly update the asset status to inactive during both manual and nightly syncs.

Mobile Application

Resolved an issue where the iOS link on the Onboarding > Downloads page was not loading.

Patch Management

Resolved an issue where Patch Management policies were not properly applying to 32-bit Windows devices.
Resolved an issue in Patch Management > Patch Status where applying a CVSS score filter to the list of devices would result in an error if there were existing CVSS score values applied to any device.
Resolved an issue where the Patch Management policy Notifications section would not show a start date when editing the notification schedule.
Resolved an issue where patch policy notifications were still being sent even if notifications were disabled from the Sites & Agent Groups Notifications page in Account > Notifications.
Resolved an issue where non-administrator users were not receiving patch notifications from patch policies assigned to their team.
Resolved an issue where patches that required a reboot to apply were being incorrectly marked as Failed in patch history after the patch policy ran.
Resolved an issue where if a patch is approved for installation fails to install during policy run, if the patch is no longer available at the time of installation (if the patch was installed by another process, is no longer available, or there is a newer version of the patch available) then the patch policy will attempt to install the incorrect patch a second time.
Resolved an issue where patches that finished with the Reboot Pending status were incorrectly marked as Deployed.

Remote Control

Resolved an issue where the Allow/Deny popup was not triggering on the destination machine when attempting a connecting using the Share the Console Session option.
Resolved an issue where the VSA 10 agent freezes when disconnecting from a remote control session with a Windows device when connecting from a macOS device.
Resolved an issue where a non-informative error would show when a user denied a remote control session from a macOS device.
Resolved an issue where a remotely connected user's scroll wheel on their mouse would not work on the remotely connected machine unless their cursor was on their main monitor.

Web application

Resolved an issue where users were receiving an HTTP 500 error on the Devices > Groups page when the page refreshed after selecting a group.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.