The National Information Technology Development Agency (NITDA) has issued an urgent alert to internet users about a critical security vulnerability in the popular Google Chrome browser identified as CVE-2024-797.
This vulnerability is currently being actively exploited by cybercriminals, posing a serious threat to users across the globe, the Nigerian Federal IT agency says.
Details of the Vulnerability
According to NITDA, CVE-2024-797 is a type confusion flaw in Chrome’s V8 JavaScript engine, which affects how JavaScript files are handled by the browser. This flaw can lead to memory corruption due to incorrect data type handling, potentially allowing attackers to run malicious programs on unpatched devices.
“This could allow attackers to bypass security protocols and measures, execute malicious code, and even cause system crashes. The vulnerability is particularly dangerous because it can be triggered simply by visiting a malicious website,” NITDA warns users of the popular Chrome browsers.
Impact Assessment
NITDA explains that the potential impact includes unauthorised access to personal data, system instability, and various forms of cyber exploitation. Given the active exploitation of this flaw, users are strongly advised to act swiftly to protect their systems.
Preventive Measures
To mitigate the risk associated with CVE-2024-797, NITDA urges all Google Chrome users to update their browsers immediately. The recommended versions for Windows and macOS: version 128.0.6613.84.85; and for Linux: version 128.0.6613.84.
Users can also update their browsers by navigating to the Chrome menu, selecting “Help,” and then “About Google Chrome.” If an update is available, it should be applied without delay.
Furthermore, NITDA says that user of Chromium-based browsers, including Microsoft Edge, Brave, Opera, and Vivaldi, should also ensure they apply any available updates as soon as possible.
Additional Guidance
NITDA reminds browser users of the importance of regular software updates as a fundamental defense against cybersecurity threats. Keeping your browser up to date helps protect against known vulnerabilities and enhances overall security.
For more information on updating your browser or to report any suspicious activity, please visit the official support pages for your browser or contact their customer support.