> I’d be really frustrated if my device was compromised by an esoteric audio format that I had no intention of ever listening to.
Users get even more frustrated when they want to play something and it does not work. Security is always a usability trade-off.
There is also an argument to be made that it is better for Apple to introduce a few bugs adding support for viewing/playing/etc. random things than end users googling "how to play X" and downloading whatever app appears first in the results.
Remember the good ol' days when everyone had Adobe Acrobat installed so they could open PDFs and it had a new 0day every month? Then one day Chrome added PDF.js and exploitation in the wild dropped off as people stopped downloading shitware to fill out rental applications.
We know how to provably do Wrangling Untrusted File Formats Safely, that's what WUFFS is. So it's not about an "isolated process", it's about a choice to do shoddy engineering and a society which has decided that shoddy engineering is fine in this particular domain.
"Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS."
That's an RCE, but nowhere near as bad as other recent exploits (CVE-2023-41064 and CVE-2023-41061) that include device and account takeover from an iMessage that you don't have to read. Also, these typically don't rate highest severity (7.5/High), probably due to the limited scope of the targets.
It's not really esoteric given it's part of Apple's push into Spatial Audio as early as 2020 (movies in 2020, Apple Music in 2021). Sure, you might have no intention of listening to this, but it's wrong to say it's esoteric given the amount of marketing material Apple has put out.
If these parsers can’t run inside an isolated process, perhaps they shouldn’t be enabled at all?