Amazon Web Services issued a statement that shed more lights on an incident that affected a small but still significant portion of its EC2 customers.
Jeff Barr explained that AWS had to apply a "timely security and operational update" - as part of XSA (Xen Security Announcement) - to a tiny fraction of the global EC2 userbase (less than 10% he added).
While some instances that were patched didn't require any reboot, certain types of updates did require a warm boot, with the system restart keeping them offline for a few minutes.
Barr confirmed that automated configuration will be kept intact as should be the case for saved data as well. He acknowledged that it might be inconvenient for some customers but stressed the fact that they thought it was important and time-critical.
AWS also confirmed that its APIs and backends won't be affected by the BASH bug (or Shellshock as it is commonly known). Those using Amazon Linux won't need to worry however, those using other Linux hosts will need to make sure that they have an updated Bash login shell.