The National Information Technology Development Agency (NITDA) has issued an urgent public alert regarding a critical security vulnerability identified in the Google Chrome browser.
According to the Agency, this vulnerability, tagged CVE-2024-797, has been discovered by Google and is currently being actively exploited by cyber attackers to target users online.
The flaw, classified as a “type confusion” vulnerability, is located within Chrome’s V8 JavaScript engine, which plays a crucial role in how the browser handles JavaScript files. The vulnerability arises from the browser’s misinterpretation of data types, leading to memory corruption.
This, in turn, could allow attackers to run harmful programs on devices that have not yet been updated to the latest version of Chrome.
Severe impact
NITDA through its Emergency Readiness and Response Team (CERRT) warns that the consequences of this vulnerability are severe, as attackers could potentially take full control of an affected system.
“The vulnerability enables attackers to potentially take full control of affected systems by exploiting memory corruption caused by the misinterpretation of data types.
“This could allow attackers to bypass security protocols and measures, execute malicious code, and even cause system crashes.
“The vulnerability is particularly dangerous because it can be triggered simply by visiting a malicious website,” NITDA stated.
Preventive measures
In response to this threat, NITDA advises all Google Chrome users to immediately update their browsers to the latest version.
The recommended versions are 128.0.6613.84/.85 for Windows and macOS, and 128.0.6613.84 for Linux.
Users can check for updates by navigating to the Chrome menu, selecting “Help,” and then clicking on “About Google Chrome” to apply any available updates.
Moreover, users of Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also urged to apply the necessary updates as soon as they become available.
The agency emphasizes that timely updates are crucial to protecting against potential exploits and maintaining the security of personal and organizational systems.
What you should know
This alert from NITDA is the latest in a series of warnings about rising cyber threats targeting internet users in Nigeria and globally.
In recent months, there has been an uptick in the number of security advisories issued by cybersecurity agencies, highlighting the increasing sophistication and frequency of cyberattacks. The exploitation of browser vulnerabilities has become a common tactic used by cybercriminals to infiltrate systems and steal sensitive information.
The trend underscores the importance of maintaining up-to-date software as cyber threats continue to evolve.
As attackers become more adept at identifying and exploiting vulnerabilities, the need for vigilance and proactive cybersecurity measures is more critical than ever.
Leave a Comment