Upgrading the ASA prevents this vulnerability from being exploited further, but it will not modify any customization objects that were already compromised and are still present on the system. If an attacker compromised a customization object in the past, then the compromised object stays persistent after you upgrade the ASA to a fixed version.
Also, if you ever ran an earlier ASA version that had a vulnerable configuration, then regardless of the version you are currently running, you should verify that the portal customization was not compromised. See for details about the vulnerability and a list of fixed ASA versions. Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability-Multiple vulnerabilities have been fixed for clientless SSL VPN in ASA software, so you should upgrade your software to a fixed version.See Field Notice FN-64291 for affected versions and more information. In the meantime, you can reload the ASA to gain another 213 days of uptime.
You must upgrade to a new version without this bug, when available. The effect on each network will be different, but it could range from an issue of limited connectivity to something more extensive like an outage. Potential Traffic Outage (9.1(7.9) through 9.1(7.15))-Due to bug CSCvd78303, the ASA may stop passing traffic after 213 days of uptime.
