Ropemaker - new Exploit for Desktop Email Clients


  1. Posts : 30,611
    Windows 10 (Pro and Insider Pro)
       #1

    Ropemaker - new Exploit for Desktop Email Clients


    Mimecast (email security vendor) has published a warning today about a possible email exploit called Ropemaker.

    A new type of email exploit could affect all kinds of computer users, even the most advanced. Practically all desktop email clients are vulnerable to this exploit if sending messages in HTML format.

    Read more at www.eweek.com | security/ropemaker-email-exploit-exposes-desktop-clients-to-security-risks

    The Ropemaker attack abuses desktop email client functionality that enables email messages to pull CSS (Cascading Style Sheet) information from a remote location. Mimecast's researchers found that an attacker can inject or replace CSS information with malicious information that could lead to exploitation.


  2. Posts : 30,611
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       #2

    I'm not sure if everybody understands how easy this vulnerability is to exploit (since there is no discussion here), so I'm posting a link to other coverage of it: BleepingComputer | ropemaker-lets-attackers-change-your-emails-after-delivery

    ROPEMAKER — which stands for Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky — revolves around the idea that an attacker sends an email in HTML format to a victim, but instead of using inline or embedded CSS code to decorate the text, it uses a CSS file loaded from his server.
    The purpose is to write and send an initially benign email, which the attacker modifies at a later date by altering the content of the CSS file hosted on his server.

    ROPEMAKER attack fools current email security products

    The initial benign email passes local email security scanners installed on the target's network, but any changes to the email's content aren't picked up when they happen.
    This is because email security systems don't re-scan emails delivered to users' inboxes, but only incoming emails at the time of their delivery.
      My Computers

