Defend yourself against network surveillance and traffic analysis
(34.19 MB) Safe & Secure
What's new in this version:
All Platforms:- Update Firefox to 31.7.0esr- Update meek to 0.18- Update Tor Launcher to 0.2.7.5- Translation updates only- Update Torbutton to 1.9.2.3- Bug 15837: Show descriptions if unchecking custom mode- Bug 15927: Force update of the NoScript UI when changing security level- Bug 15915: Hide circuit display if it is disabled.- Translation updates- Bug 15945: Disable NoScript's ClearClick protection for now- Bug 15933: Isolate by base (top-level) domain name instead of FQDN- Bug 15857: Fix file descriptor leak in updater that caused update failures- Bug 15899: Fix errors with downloading and displaying PDFs- Windows- Bug 15872: Fix meek pluggable transport startup issue with Windows 7- Build System- Bug 15947: Support Ubuntu 14.04 LXC hosts via LXC_EXECUTE=lxc-execute env var- Bugs 15921+15922: Fix build errors during Mozilla Tryserver builds
Speed-optimized version of Firefox designed for the best possible performance
(17.68 MB) Safe & Secure
- Fixed loss of the browser's disk cache on startup due to incorrect corruption detection logic- Fixed a browser crash on some HTML5 games
System requirements:
Windows XP64 / Vista64 / Windows 7 64 / Windows 8 64
User Rating:
Author / Product:
Moonchild Productions / Pale Moon (64-bit)
Old Versions:
Filename:
palemoon-25.4.0.win64.installer.exe
MD5 Checksum:
6e1637bdc7a4f0a36974220b7557595b
Pale Moon is an Open Source, Firefox-based web browser available for Microsoft Windows, Android and Linux (with other operating systems in development), focusing on efficiency and ease of use. Make sure to get the most out of your browser!Pale Moon offers you a browsing experience in a browser completely built from its own source with carefully selected features and optimizations to maximize the browser's speed, stability and user experience, while maintaining compatibility with thousands of Firefox extensions many have come to love and rely on.Pale Moon Features:
Tags: Pale Moon 25.4.0 (64-bit) Download for Windows / Change Log / FileHorse.com EN ES Speed-optimized version of Firefox designed for the best possible performance Home Browsers and Plugins Pale Moon 25.4.0 (64-bit) Change Log Download Now(20.88 MB) Safe & Secure Share with Friends Categories Anti-Spyware Anti-Virus Benchmarking Browsers and Plugins CD, DVD and Blu-ray Cleaning and Tweaking Compression and Backup Desktop Enhancements Developer Tools Drivers and Mobile Phones File Sharing File Transfer and Networking Firewalls and Security Imaging and Digital Photo MP3 and Audio Messaging and Chat Office and Business Tools Video Software Pale Moon 25.4.0 (64-bit) Date added: May, 9th 2015 - Open Source Features Screenshots Change Log Old Versions What's new in this version: Fixes/changes:- Updated SQLite from 3.7.17 to v3.8.8.3, improving history/bookmark/etc. performance by up to 50% depending on operation- Added a new "mixed-mode" state for HTTPS connections. Clarified mixed-mode connections with a mixed-mode padlock and better tooltips.- Added a conditional partial shading to the URL bar and made it default (shading only on secure sites, no red shading at all by default).- Dev: Fixed file system mode flags for *nix systems, to make executable files like scripts actually flagged as executable- Added native IPv6 lookups to NSPR to solve IPv6-only and dual-stack setups in some situations- Added a pref to control the unloading of idle plugins from memory and lowered the default "idle" time to 60 seconds before plugins are unloaded- Fixed version strings for e.g. flash on Linux being displayed with commas instead of periods - this should also fix the incorrect "your plugin is vulnerable" message while b eing on the latest version- Windows: Set the double-click/Ctrl+arrow word selection to not eat the space (only select the actual word)- Android: DNS fix for VPN connections, preventing the "server not found" issues people have been reporting for certain VPN providers on mobile- Updated a number of trusted root certificates, and distrusted the CNNIC root certificate by popular demand- Linux: Worked around the slice memory allocator not being properly disabled on later GLib versions- Android: updated the random number generator handling on later versions of Android- Added fix to prevent spurious re-paints with plugins (performance/UX improvement)- Removed the plugin check link from the Addons Manager, since it's no longer reliable and not officially available for browsers except Mozilla Firefox. (Bonus: no user profiling/tracking through optimizely!)- Optimized the NSS callback for secure connections- Updated the domains that are w hitelist ed for installation of extensions/themes/personas, streamlining the use of addons.palemoon.org- Added personas support to titlebar text (adopt the lightweight theme's coloring/shading) in custom titlebar mode (Pale Moon appmenu/button)- Added display of HTTPS protocol (SSL/TLS) to the page info window (thanks Travis!)- Improved certificate display: Removed MD5 and added SHA256 fingerprint, and made them selectable/copyable- Updated classification of secure connections: Classify any encryption with less than 128 bits or including RC4 (if manually enabled, see previous version notes) as weak.- Dev: Added availability of the full ciphersuite string for use in extensions to the nsISSLStatus interface (nsISSLStatus.cipherSuite)- Added MAKE_UNLINKABLE to the about: page redirector and added that as default for the reader mode on Android- Removed the compilation and inclusion of a one-time-use pre-compiled startup cache in omni.ja, reducing overall application size significantly and avoiding a number of quirks of both the build process and the operation of the browser- Fixed an NVIDIA specific GLX server vendor bug for pixmap depth and fbConfig depth- Removed most telemetry code, reducing code complexity and wasted CPU- Linux: Added OSS support (mutually exclusive with ALSA): configure with --enable-oss- Made DNS caching a lot less aggressive to align the browser's behavior with the dynamic nature of the modern web.- Removed Mozilla-specific parameters for searches. Search suggestions should now work again for Google searches- Added the option to allow users to use a fixed (JSON) file-based geolocation response in favor of a GeoIP service.- Dev: Improvements to Clang builds (thanks Axiomatic/BitVapor!). Clang is not currently producing stable builds on Linux, so please use GCC for that operating system.- Linux: removed GnomeVFS that's no longer in use- Fixed the "d ouble pa dlock while loading a secure site" niggle in the UI- Dev: added allowance of using -moz-appearance:none on drop-down lists to hide the arrow button (catering to custom styling of the control) Added some more ES6 math/number functions:- Implemented Math.fround(x)- Implemented Number.isSafeInteger(x)- Implemented Math.clz32(x) Security fixes:- Fixed several memory safety hazards (UAF/DF/UU); applicable bugs covered by CVE-2015-0815 and CVE-2015-0815- Fixed CVE-2015-0811 [qcms] heap info leak- Fixed CVE-2015-0810 clickjacking attacks via a Flash object in conjunction with DIV elements- Fixed CVE-2015-0801 a variant of CVE-2015-0818- Fixed CVE-2015-0800 improve randomness of DNS resolver queries on Android- Fixed CVE-2015-0798 access to privileged URLs through about: redirector
(20.88 MB) Safe & Secure
Fixes/changes:- Updated SQLite from 3.7.17 to v3.8.8.3, improving history/bookmark/etc. performance by up to 50% depending on operation- Added a new "mixed-mode" state for HTTPS connections. Clarified mixed-mode connections with a mixed-mode padlock and better tooltips.- Added a conditional partial shading to the URL bar and made it default (shading only on secure sites, no red shading at all by default).- Dev: Fixed file system mode flags for *nix systems, to make executable files like scripts actually flagged as executable- Added native IPv6 lookups to NSPR to solve IPv6-only and dual-stack setups in some situations- Added a pref to control the unloading of idle plugins from memory and lowered the default "idle" time to 60 seconds before plugins are unloaded- Fixed version strings for e.g. flash on Linux being displayed with commas instead of periods - this should also fix the incorrect "your plugin is vulnerable" message while b eing on the latest version- Windows: Set the double-click/Ctrl+arrow word selection to not eat the space (only select the actual word)- Android: DNS fix for VPN connections, preventing the "server not found" issues people have been reporting for certain VPN providers on mobile- Updated a number of trusted root certificates, and distrusted the CNNIC root certificate by popular demand- Linux: Worked around the slice memory allocator not being properly disabled on later GLib versions- Android: updated the random number generator handling on later versions of Android- Added fix to prevent spurious re-paints with plugins (performance/UX improvement)- Removed the plugin check link from the Addons Manager, since it's no longer reliable and not officially available for browsers except Mozilla Firefox. (Bonus: no user profiling/tracking through optimizely!)- Optimized the NSS callback for secure connections- Updated the domains that are w hitelist ed for installation of extensions/themes/personas, streamlining the use of addons.palemoon.org- Added personas support to titlebar text (adopt the lightweight theme's coloring/shading) in custom titlebar mode (Pale Moon appmenu/button)- Added display of HTTPS protocol (SSL/TLS) to the page info window (thanks Travis!)- Improved certificate display: Removed MD5 and added SHA256 fingerprint, and made them selectable/copyable- Updated classification of secure connections: Classify any encryption with less than 128 bits or including RC4 (if manually enabled, see previous version notes) as weak.- Dev: Added availability of the full ciphersuite string for use in extensions to the nsISSLStatus interface (nsISSLStatus.cipherSuite)- Added MAKE_UNLINKABLE to the about: page redirector and added that as default for the reader mode on Android- Removed the compilation and inclusion of a one-time-use pre-compiled startup cache in omni.ja, reducing overall application size significantly and avoiding a number of quirks of both the build process and the operation of the browser- Fixed an NVIDIA specific GLX server vendor bug for pixmap depth and fbConfig depth- Removed most telemetry code, reducing code complexity and wasted CPU- Linux: Added OSS support (mutually exclusive with ALSA): configure with --enable-oss- Made DNS caching a lot less aggressive to align the browser's behavior with the dynamic nature of the modern web.- Removed Mozilla-specific parameters for searches. Search suggestions should now work again for Google searches- Added the option to allow users to use a fixed (JSON) file-based geolocation response in favor of a GeoIP service.- Dev: Improvements to Clang builds (thanks Axiomatic/BitVapor!). Clang is not currently producing stable builds on Linux, so please use GCC for that operating system.- Linux: removed GnomeVFS that's no longer in use- Fixed the "d ouble pa dlock while loading a secure site" niggle in the UI- Dev: added allowance of using -moz-appearance:none on drop-down lists to hide the arrow button (catering to custom styling of the control) Added some more ES6 math/number functions:- Implemented Math.fround(x)- Implemented Number.isSafeInteger(x)- Implemented Math.clz32(x) Security fixes:- Fixed several memory safety hazards (UAF/DF/UU); applicable bugs covered by CVE-2015-0815 and CVE-2015-0815- Fixed CVE-2015-0811 [qcms] heap info leak- Fixed CVE-2015-0810 clickjacking attacks via a Flash object in conjunction with DIV elements- Fixed CVE-2015-0801 a variant of CVE-2015-0818- Fixed CVE-2015-0800 improve randomness of DNS resolver queries on Android- Fixed CVE-2015-0798 access to privileged URLs through about: redirector