This gave me flashbacks to Melissa. I was very surprised by:
Based on the security advisory, Outlook, Apple Mail, and Mozilla Thunderbird are/were vulnerable to this issue.
Da fuck? How is a CSS-based attack possible in Thunderbird? I guess not enough eyes made this dumb design patternbug shallow.
Anyhow, spread the word. Lots of our loved ones are gonna be affected by this.