Pale Moon is a custom-built and speed optimized Firefox browser. The project uses contributed Open Source code to create a full-featured, speed optimized browser based on Firefox browser.
Having seen the advantages on other systems (e.g. Linux) with regards to programs being compiled specifically for the capabilities of the machine it is installed on, it became obviously clear that Windows users were at a disadvantage.
Mozilla only releases windows executables with maximum compatibility in mind, meaning that Firefox is made to run on as many different systems as possible, sacrificing efficiency and speed in the process to be compatible with, by current standards, absolutely ancient hardware.
Mozilla does not provide optimized browser packages for Windows. That means you may be lose speed and efficiency when you use your browser.
That needs to change. Therefore Pale Moon project offers custom-built and optimized Firefox browsers for Windows Operating Systems. Make sure to get the most speed and efficiency out of your browser!
Pale Moon Main features:
- Highly optimized for modern processors
- 100% Firefox sourced: As safe as the browser that has seen years of development.
- Support for Firefox extensions (add-ons), themes and personas
- Able to use existing Firefox profiles, bookmarks and settings with this migration tool
- Uses slightly less memory because of disabled redundant and optional code
- Significant speed increases for page drawing and script processing
- Support for HTML5 and WebGL (v4)
- Stability: experience fewer browser crashes.
- Support for SVG and Canvas, and downloadable fonts including WOFF
- Support for OOPP (Out-of-process plugin execution)
Users will find a slightly more conservative approach to changes in the user interface in the Pale Moon browser. It, although very close to Firefox, is (now more obviously so than before) a different product. However, these differences in layout do not prevent anyone from configuring their browser interface to exactly the way they want it to look and work. Including like Mozilla Firefox's default layout if they so wish.
- Fixed a potential vulnerability in the zip file reader. DiD
- Ported several upstream devtools fixes (addresses CVE-2020-12392 and CVE-2020-12393).
- Improved memory safety of some WebAudio calls.
- Improved memory safety in the XUL window destructor. DiD
- Unified XUL Platform Mozilla Security Patch Summary: 3 fixed, 3 Defense-in-depth, 16 not applicable.
Changes in Pale Moon 28.9.2 (2020-04-30):
- Re-based the 28.9 version of browsers on a separate development branch that excludes the extensive work being done for Google WebComponents, to avoid potential performance and stability issues caused by as-of-yet incomplete and in-progress code for the new milestone.
- Enabled DOM High Resolution timestamps for compatibility with websites that strictly rely on them for operation.
- Added a preference to allow copying the unescaped URL from the address bar (especially useful for internationalized domain names and paths).
To enable this, set
- Fixed several application crashes (thanks, Fysac!)
Changes in Pale Moon 28.9.1 (2020-04-10):
- Re-imported the ExtensionStorage js module for use by browser extensions.
- Fixed an issue with the WebRequest module having erroneously un-processed build directives in it. This might have caused some subtle breakage.
- Removed the use of high-resolution Windows system timers from the layout refresh driver; this should help with some performance and battery life issues.
- Fixed an issue where various parts of hardware acceleration weren’t properly linked when changing the option from preferences.
If you have changed the preferences option to “use hardware acceleration when available” between 28.9.0 and this release, it is recommended that you go into preferences and toggle the option off/on to the preferred setting to correct any discrepancies.
- Fixed an issue with building the user-agent string using the build date as ID.
- Fixed an issue with the release of document content viewers (CVE-2020-6819). DiD
- Fixed an issue with handling functions with rest parameters. DiD
- Unified XUL Platform Mozilla Security Patch Summary: 2 Defense-in-depth, 14 not applicable.
Changes in Pale Moon 188.8.131.52 (2020-03-25):
- Fixed an issue with browser migration and initialization code causing various browser run-time problems.
- Fixed an issue with cache behavior where some users would have trouble having their windows and tabs restored in “soft refresh” mode (see v28.9.0 release notes).
To solve this, we reverted to the previous (pull from cache) mode for now while we investigate the cause.
Changes in Pale Moon 28.9.0 (2020-03-24):
- Implemented asynchronous iterators (
for awaitloops) (ES2018)
- Implemented promise-based media playback.
- Implemented non-standard legacy CSSStyleSheet rules functions.
- Implemented the html5
element. To switch this on, flip
- Implemented the optional hiding of pinned tabs in CtrlTab/AllTab panes. (controlled through the preferences
- Added 1.25x playback speed to html media elements.
- Added a hidden pref (
browser.places.smartBookmarks.max) to control the sizes of default smart bookmarks categories.
document.open()with the overhauled specification.
- Aligned the way DOM styles are computed with mainstream browser behavior.
- Removed the (unused) DOM promise implementation.
- Enabled seeking to next frame in media files.
- Enabled dynamic UA updates for emergency use.
- Implemented rule processing stub for font-variation-settings.
- Increased the maximum XML nesting depth to 2048 levels for extreme corner cases and to conservatively align with other browsers.
- Improved the privacy of geolocation lookup calls, with thanks to a generous service donation from ip-api.com
- Improved reporting of the operating system in site-specific user-agent overrides.
- Improved table drawing performance again after the rewrite for sticky positioning making it slower.
- Updated CSP processing to allow custom scheme wildcards to be specified without a port.
- Aligned the behavior of outlines with other browsers when dealing with CSS-repositioned elements.
- Changed the way hardware acceleration is controlled from the application.
- Changed the default monospace font for main languages from Courier New to Consolas.
This provides a more balanced font for fixed-width text that is slightly more condensed and more in line with the naturally compacter variable-width fonts used everywhere else.
- Changed the browser’s behavior when restoring tabs from previous sessions. To prevent stale pages, it will now by default perform a “soft refresh” of the page instead of drawing it purely from cache without checking if the page needs updating. If you prefer the old behavior, set
- Updated NSPR to 4.24 and NSS to ~3.48.1-RTM, removing the previous custom patch level with NSS being able to support custom rounds for DBM now.
For extensive release notes with all NSS changes, see NSS_Releases
- Implemented an NSS performance optimization for Master Password use with limited effect.
- Fixed some potential crashing scenarios with WebGL on Linux.
- Completely removed
- Disabled some logging in production builds.
- Removed various gadgeteering/redundant/dead DOM APIs (casting/presentation, FlyWeb)
- Removed support for a number of critical libraries being system-supplied.
- Removed “Copy raw data” button from the troubleshooting information page, since it’s never used by us in that format, and users mistakenly keep using it instead of copying text.
- Removed a bunch of Android and iOS support code.
- Fixed an issue with form elements sometimes being incorrectly disabled.
- Fixed several crashes.
- Fixed an issue with Captive Portal detection sometimes firing even when disabled by the user.
- Performed various tree-wide code cleanups.
- Backed out a large code cleanup patch for causing subtle issues in website operation (e.g. WordPress). This will have to be revisited later; the reintroduced code is not in use in practice.
- Cleaned up the application updater code.
- Fixed a potential pointer issue in cubeb. DiD
- Disabled allowing remote
jar:URIs by default for security reasons. If you need this functionality for your non-standard environment, you can enable it with the preference
network.jar.block-remote-files, but please consider moving away from this method of providing web-based applications.
- Fixed unwanted behavior where created/focused pop-up windows could potentially cover the DOM fullscreen notification, hiding it from users. (CVE-2020-6810)
- Fixed an issue where copying data as a curl request from developer tools would not properly escape parameters. (CVE-2020-6811)
- Updated our sctp library code with several upstream fixes.
- Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 3 already mitigated, 1 rejected, 11 not applicable.
- Implemented optional catch binding (ES2019).
- Fixed a hazardous crash related to module scripting.
Changes in Pale Moon 28.8.3 (2020-02-18):
- Fixed an issue in CSP blocking requests without a port for custom schemes.
- Fixed a potentially hazardous crash in layers.
- Fixed random crashes on some sites using IndexedDB.
- Changed the way the application can be invoked from the command-line to prevent a whole class of potential exploits involving modified omnijars.
If your special-needs environment requires that you launch the browser with custom browser/gre omnijars from the command-line, you must set the UXP_CUSTOM_OMNI environment variable before launch from this point forward.
- Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 2 DiD, 10 not applicable.
Changes in Pale Moon 184.108.40.206 (2020-02-04):
- This is a minor release in response to YouTube deprecating their old web UI. This change will enable the new YouTube UI by default.
Changes in Pale Moon 28.8.2 (2020-01-28):
- Fixed an issue where FTP servers would hang the browser if they were not sending answers according to the protocol specification.
- Added a workaround for GitHub trying to enforce more Google-isms (which we don’t support at this time) to browsers that identify as “Firefox-alike”.
Changes in Pale Moon 28.8.1 (2020-01-11):
- Fixed a sampling issue in libsoundtouch (DiD)
- Fixed an issue with a new upcoming Windows 10 feature not honoring Private Browsing mode by default (DiD)
- Fixed several stability and memory safety hazards. (DiD)
- Fixed an issue where files could inadvertently be executed with the designated file type handler instead of opened. (CVE-2019-17019)
- Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 7 DiD, 12 not applicable.
Homepage – http://www.palemoon.org
Minimum System Requirements:
- Windows 7, 8, 8.1, 10, Server 2008 R2 or later
- A processor with SSE2 instruction support
- 1 GB of RAM
- At least 200 MB of free (uncompressed) disk space
Size: 32.4 MB