I wonder if there's a known exploit for the Zoom server specifically, or if Apple discovered one while looking into it. It seems strange for them to go to these lengths in this case when it sounds like other software has been using a similar technique too. Maybe it's just the reinstallation aspect that makes Zoom's case exceptional?
"Additionally, if you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage. This re-install ‘feature’ continues to work to this day."
> Zoom spokesperson Priscilla McCarthy told TechCrunch: “We’re happy to have worked with Apple on testing this update. We expect the web server issue to be resolved today. We appreciate our users’ patience as we continue to work through addressing their concerns.”
Yeah, I bet.
It looked like they decided to remove the server themselves (or at least, as a response to pressure), but maybe they didn't actually have a choice at all.
Zoom also didn't reverse their decision until there was a huge amount of public backlash.
There is, though it's not public yet.