Update: After working closely with our providers it was determined WP Engine servers are not and were never at risk of the Venom Vulnerability. As such, patching and downtime was not necessary and no customers were impacted.
We know uptime is important to you and the websites you entrust with WP Engine. With that in mind, we wanted to notify you of a recently discovered Xen Hypervisor vulnerability (aka the Venom Vulnerability) that requires cloud providers to conduct emergency maintenance on their servers. That server maintenance may result in a brief period of downtime for a subset of WP Engine customers. Read more about it here.
We will send email notifications to our customers whose sites will be affected.
Hosting companies use Xen Hypervisor to provide virtual private servers on a single machine—making it possible to host multiple sites on a single server. The security vulnerability could be exploited to compromise those sites.
This downtime will occur for some of the sites that we host while our Engineering teams patch affected systems. We expect these patches to occur between 11 p.m. and 5 a.m. (Wednesday, May 13 and Thursday, May 14) local time of the datacenter where your site is hosted. Outside of the brief downtime affecting sites, there should be no additional impact to your site—though we will continue to closely monitor the situation to ensure this.
For more information, please visit the WP Engine Status blog where you can sign up for email notifications that will keep you informed about the latest updates.
We greatly appreciate your patience and understanding.