Forum Discussion
Ropemaker exploits - Outlook / EOP
I was wondering if Outlook client blocks external css in HTML emails or Does EOP stipe out external css (link tag) from HTML emails ?. This is to protect inboxes from Ropemaker exploits. Whilst ATP's...
Microsoft doesn't consider this situation to be an actual https://msdn.microsoft.com/en-us/library/cc751383.aspx according to the response from the original advisory. So you may not get a definitive response but I think we can be reasonably certain if the situation changes and this is used by actors to attack customers, Microsoft will respond and protect or mitigate this threat.