The National Information Technology Development Agency (NITDA) has warned Nigerians regarding a critical security vulnerability identified in the Google Chrome browser, while advising all Google Chrome users to immediately update their browsers to the latest version, to prevent falling prey to cyber hackers.
NITDA, through its Emergency Readiness and Response Team (CERRT), claimed that Google found this vulnerability, which has been assigned the code CVE-2024-797, while warning that cybercriminals are actively using it to target individuals online.
According to the Agency, “The flaw, classified as a “type confusion” vulnerability, is located within Chrome’s V8 JavaScript engine, which plays a crucial role in how the browser handles JavaScript files. The vulnerability arises from the browser’s misinterpretation of data types, leading to memory corruption. This, in turn, could allow attackers to run harmful programs on devices that have not yet been updated to the latest version of Chrome.”
It issued a warning, stating that the vulnerability may have dire repercussions if an attacker were to gain complete control of a system that is impacted. “The vulnerability enables attackers to potentially take full control of affected systems by exploiting memory corruption caused by the misinterpretation of data types.
“This could allow attackers to bypass security protocols and measures, execute malicious code, and even cause system crashes. The vulnerability is particularly dangerous because it can be triggered simply by visiting a malicious website,” NITDA stated.
NITDA therefore urged all users of Google Chrome to update to the most recent version of their browsers right away, adding that, “The recommended versions are 128.0.6613.84/.85 for Windows and macOS, and 128.0.6613.84 for Linux.
“Users can check for updates by navigating to the Chrome menu, selecting “Help,” and then clicking on “About Google Chrome” to apply any available updates. Moreover, users of Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also urged to apply the necessary updates as soon as they become available.”
The Agency stressed that in order to keep organisational and personal systems secure and guard against potential attacks, periodic upgrades are essential.
