The National Information Technology Development Agency (NITDA) has issued a public alert about a critical security vulnerability identified in the Google Chrome browser.
It said, “Google has identified a critical security vulnerability in the Chrome browser, tagged CVE-2024-797. This vulnerability is currently being actively exploited by attackers to target users online.”
The vulnerability, classified as a “type confusion flaw” in Chrome’s V8 JavaScript engine, relates to how Chrome handles JavaScript files and could allow attackers to run harmful programs on devices that haven’t been updated.
NITDA, through its Emergency Readiness and Response Team (CERRT), warned that this vulnerability has severe consequences, noting that attackers can potentially take complete control of an affected system.
Read also: Hackers targeting personal info on laptops with new software, NITDA warns
NITDA explained, “The vulnerability enables attackers to potentially take full control of affected systems by exploiting memory corruption caused by the misinterpretation of data types. This could allow attackers to bypass security protocols and measures, execute malicious code, and even cause system crashes.
“The vulnerability is particularly dangerous because it can be triggered simply by visiting a malicious website.”
NITDA has advised that Chrome users update to the latest version to protect against the vulnerability,
The regulator said, “Google Chrome users should immediately update to the latest version (128.0.6613.84/85 for Windows and macOS, and 128.0.6613.84 for Linux). Also, to ensure your browser is up to date, navigate to the Chrome menu > Help > About Google Chrome, and apply the update if available.”
There has been an increase in the number of threat cases and advisories by cybersecurity agencies, highlighting the growth of cyber threats.
