Xen security issue prompts Amazon, Rackspace cloud reboots

Amazon Web Services and Rackspace are warning their customers of upcoming reboots they’re taking to address a new Xen hypervisor security issue.

In a premium support bulletin issued Thursday night, Amazon said fewer than 10 percent of all EC2 instances will require work but the affected instances must be updated by March 10. [company]Rackspace[/company] also notified customers of the issue, which will affect a subset of a portion of its First and Next Generation Cloud Servers, Thursday night. Later on Friday, Linode also warned users of an upcoming Xen-related reboot.

If you’re sensing a little bit of deja vu, it’s because the major cloud players were forced to reboot a bunch of their customers in September due to a Xen hypervisor issue, although the reason for the updates was not disclosed at first. Last time out, AWS also said 10 percent of its EC2 instances were affected.

Cloud vendors impacted by these security issues tread a tricky path. They have to address the vulnerability as fast as possible before the details of the flaw are made public, which can lead to a bit of a fire drill. In this case, more information about the flaw will be disclosed March 10.

In September, [company]Amazon[/company] was first out of the chute with notifications, followed by Rackspace and then IBM Softlayer made its disclosures the following week.

Note: This story was updated at 3:49 p.m. PST to note that Linode is also performing system updates.