Wednesday, March 25, 2015

Pale Moon Moon Update To Address pwn2own Contest Vulnerability

Pale Moon
Pale Moon has been updated to version 25.3.1 to address a critical vulnerability discovered in the HP Zero Day Initiative's Pwn2Own contest.  Only one vulnerability discovered applied to Pale Moon.

From the Release Notes:

Security fix:
  • Fixed security vulnerability CVE-2015-0818. This vulnerability would allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.

    Additional Fix:
    • Fixed IPv6 DNS resolution regression in some less common cases.

    Minimum system Requirements (Windows):
    • Windows Vista/Windows 7/Windows 8/Server 2008 or later
    • A processor with SSE2 support
    • 256 MB of free RAM (512 MB or more recommended)
    • At least 150 MB of free (uncompressed) disk space
    Pale Moon includes both 32- and 64-bit versions for Windows:
    Other versions:


      To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...

      No comments: