Apple: Hey, your app poses a threat to macOS security. We're going to remove your server app with the built-in macOS anti-virus.
Zoom: Oh crap. Okay, give us 2 sprints to release a new version that removes it.
Apple: We're killing it in 48 hours.
Zoom, after an all-nighter: HEyyy users, we have a patch for youu
The loading modal would come up, but the app window would never open and I would have to force kill the app entirely, since I couldn't close the modal.
I suspect that Apple had already closed the possibility of the loophole on Catalina, which is why it wasn't working.
So I suspect they had probably noticed it weeks ago.
rm -rf ~/.zoomus
The who found the Vulnerability where at least talking to the people at chrome and firefox:
Quote from there Blogpost (https://medium.com/bugbountywriteup/zoom-zero-day-4-million-...)
"Apr 10, 2019 — Vulnerability disclosed to Chromium security team.
Apr 19, 2019 — Vulnerability disclosed to Mozilla FireFox security team."
So, not entirely unrealistic that the other Browser manufacturer also got a notice.