20240419002-Oracle-Critical-Patch-Update-for-April-2024 (#658)

* 20240416004-Critical-Rust-Standard-Library-Vulnerability

* Format markdown files

* 20240419002-Oracle-Critical-Patch-Update-for-April-2024

* Format markdown docs

---------

Co-authored-by: GitHub Actions <[email protected]>
Co-authored-by: Joshua Hitchen (DGov) <[email protected]>
Co-authored-by: TWangmo <[email protected]>

docs/advisories/20240419002-Oracle-Critical-Patch-Update-for-April-2024.md

@@ -0,0 +1,22 @@
+# Oracle Critical Patch Update for April 2024 - 20240419002
+
+## Overview
+
+Oracle released its quarterly Critical Patch Update Advisory for April 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
+
+## What is vulnerable?
+
+| Product(s) Affected                                                        | Summary                                                                                                         | Dated          |
+| -------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | -------------- |
+| [List of Products](https://www.oracle.com/security-alerts/cpuapr2024.html) | These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. | 18 April, 2024 |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month.* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- [Oracle Patch](https://www.oracle.com/security-alerts/cpuapr2024.html)
+- [CISA](https://www.cisa.gov/news-events/alerts/2024/04/18/oracle-releases-critical-patch-update-advisory-april-2024)