This issue first started last week, when security researchers identified a flaw in Zoom's software that took advantage of the app's click-to-join feature. If a person clicked a link in their web browser, they would automatically join a conference and their webcam would turn on without their explicit permission. Zoom initially claimed the flaw was a necessary workaround to allow its software to function properly with Apple's Safari browser but has since changed its approach and has worked to address the issue.
Last week, Zoom announced that it removed access to a local web server that enabled the vulnerability. One day later, Apple, working with Zoom, released an automatic security update for macOS that addressed the issue. The company plans to continue releasing fixes for all of Zoom's partners like RingCenter and Zhumu.