Thursday, January 15, 2015

Pale Moon Version 25.2 Released with Security Updates

Pale Moon
Pale Moon has released version 25.2 to extend browser capabilities and implement some ES6 draft functions for web programmers.  The update includes important crash fixes, bug fixes and security updates.
    Security/privacy fixes:
    • Added a preference network.stricttransportsecurity.enabled to enable or disable the use of HSTS (HTTP Strict Transport Security), allowing users to choose between privacy and security in this matter. (hidden pref)
    • Fixed CVE-2014-1589 by whitelisting XBL bindings that may be applied to untrusted content.
      Important: extension developers should read this related thread.
    • Fixed CVE-2014-1593.
    • Mac: fixed CVE-2014-1595.
    • Fixed CVE-2014-8639 by adjusting cookie handling through proxies.
    • Fixed CVE-2014-8636.
    • Fixed several memory safety hazards that do not have CVE numbers.
      Fixes and changes are documented in the Release Notes.

      Minimum system Requirements (Windows):
      • Windows Vista/Windows 7/Windows 8/Server 2008 or later
      • A processor with SSE2 support
      • 256 MB of free RAM (512 MB or more recommended)
      • At least 150 MB of free (uncompressed) disk space
      Pale Moon includes both 32- and 64-bit versions:


      To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...


      bhringer said...

      PM4XP 25.2.0 is also available.

      Corrine said...

      Thank you, bhringer. The PM4XP (Pale Moon for XP) version is a rebuild by Matt Tobin. A Linux version is also available from