The National Information Technology Development Agency (NITDA) has warned Nigerians of a critical security vulnerability identified in the Google Chrome browser.
Speaking in a post on X on Tuesday, NITDA said the vulnerability, tagged, ‘CVE-2024-79’, was discovered by Google and is currently being exploited by cyber attackers to target users online.
NITDA, through its emergency readiness and response team (CERRT), said the consequences of the vulnerability are severe as attackers could take over an affected system.
“This vulnerability is classified as a type confusion flaw in Chrome’s V8 JavaScript engine, related to how Chrome handles JavaScript files, which could allow attackers to run harmful programs on devices that haven’t been updated,” the agency said.
“The vulnerability enables attackers to potentially take full control of affected systems by exploiting memory corruption caused by the misinterpretation of data types.
“This could allow attackers to bypass security protocols and measures, execute malicious code, and even cause system crashes.
“The vulnerability is particularly dangerous because it can be triggered simply by visiting a malicious website.”
The NITDA said Google Chrome users should check for regular updates to prevent attacks. “The recommended versions are 128.0.6613.84/.85 for Windows and macOS, and 128.0.6613.84 for Linux.
“Users can check for updates by navigating to the Chrome menu, selecting “Help,” and then clicking on “About Google Chrome” to apply any available updates.
“Users of Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also urged to apply the necessary updates as soon as they become available,” the agency said.
The agency said timely updates would protect against potential exploits and maintain the security of personal and organisational systems.