The National Information Technology Development Agency (NITDA) has released an urgent public alert regarding a serious security flaw found in the Google Chrome browser. It announced this on its official X account (formerly known as Twitter) on Tuesday. According to NITDA through its Emergency Readiness and Response Team (CERRT), the vulnerability, labeled CVE-2024-797, was discovered by Google and is actively exploited by cybercriminals to target online users.
The flaw, identified as a “type confusion” vulnerability, is found in Chrome’s V8 JavaScript engine, which is essential for processing JavaScript files. It results from the browser’s incorrect handling of data types, leading to memory corruption. This flaw could allow attackers to execute malicious programs on devices that have not been updated to the latest version of Chrome.
The agency has warned that the vulnerability could have severe consequences if an attacker gains full control of an affected system. “This flaw allows attackers to potentially take complete control of impacted systems by exploiting memory corruption caused by data type misinterpretation.” “This could allow attackers to bypass security protocols and measures, execute malicious code, and even cause system crashes. The vulnerability is particularly dangerous because it can be triggered simply by visiting a malicious website,” NITDA stated.
Read also: Ghana licenses 51 cybersecurity providers to combat data breaches.
To mitigate the risk, the agency strongly advised all Google Chrome users to immediately update their browsers to the latest version. It specified that the recommended versions are 128.0.6613.84/.85 for Windows and macOS and 128.0.6613.84 for Linux. “Users can carry out this update by going to the Chrome menu, selecting “Help,” and then clicking “About Google Chrome” to check for and apply any available updates. Additionally, users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, should ensure they apply updates as soon as they are released.”
The agency emphasized that regular updates are crucial for maintaining the security of both personal and organizational systems and protecting them from potential cyberattacks. This alert from NITDA is the latest in a series of warnings concerning increased cyber threats targeted at internet users in Nigeria and globally.