The Zoom web meetings app for macOS included a serious security flaw which can affect you even if you have already removed the software.
Previous versions of the Zoom app installed a local host web server to bypass security protocols deployed as part of Safari 12. A flaw in this app left Mac users open to a critical security flaw that could allow attackers to view your camera.
Removing the app also left the vulnerable web server installed so that if you have previously installed the app you may still be vulnerable.
Zoom has since released an update to remove the web server and included an option in menu bar icon to uninstall the app completely.
We’re happy to have worked with Apple on testing this update. We expect the web server issue to be resolved today,We appreciate our users’ patience as we continue to work through addressing their concerns.Priscilla McCarthy – Zoom Spokeswoman
Apple has also taken prompt action releasing an update to remove the web server from all Macs via it’s XProtect program. This is a silent process and require no user intervention. If you have a Mac running Mac OS X 10.6 Snow Leopard or newer XProtect should remove the vulnerability for you.