Revoking the key and making its restoration conditional on issuing a security patch would be a way to make sure an update does happen. I'm not a fan Apple's approach to software signing, but this is a good opportunity to showcase some of the benefits that their system does legitimately have.
They'd be stepping in on behalf of users and saying, "Sure you can issue updates. After you fix the security hole."
Right now, Zoom is gambling that they don't need to care about security from a business point of view. Apple can change the situation so they do.
Revoking the key and making its restoration conditional on issuing a security patch would be a way to make sure an update does happen. I'm not a fan Apple's approach to software signing, but this is a good opportunity to showcase some of the benefits that their system does legitimately have.
They'd be stepping in on behalf of users and saying, "Sure you can issue updates. After you fix the security hole."
Right now, Zoom is gambling that they don't need to care about security from a business point of view. Apple can change the situation so they do.