Reply to post: Re: Images...

Apple's latest security feature could literally save lives

Michael Wojcik Silver badge

Re: Images...

Yes, there have been various exploitable vulnerabilities in various image decoders over the years.

But this is probably an unavoidable compromise. People are so accustomed to viewing images in messages that if Apple blocked images, most of the Lockdown Mode users would turn lockdown off every time they received a message with an image, so 1) it wouldn't help, and 2) they'd be exposed to other exploits.

Krstić is a smart guy and an experienced security researcher, so I expect Apple applied a pretty sophisticated threat model here that included likely behavior by users.

Incidentally, the NSO Group iMessage exploit used a PDF mislabeled as a GIF which Apple's ImageIO library then content-sniffed and passed to the CoreGraphics PDF processor, which contained the vulnerability that let them construct and run their own interpreter. So it wasn't technically an "image file" at all; it was a PDF masquerading as one, which the overly-ambitious ImageIO then passed to the vulnerable PDF renderer. (Apple has since fixed this.)

But, as I said, there have been many other image-parser vulnerabilities. Like, say, these.
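The mislabeled-file case described in the comment above can be caught by comparing the declared type with the file's leading bytes and refusing on disagreement, rather than sniffing and re-dispatching to another parser. The following is an added example, not part of the original comment and not Apple's code; the function names, the signature table and the inline-rendering allowlist are assumptions made for illustration.

```python
# Added example: reject attachments whose leading bytes disagree with the
# declared extension. Simplification: only the first bytes are checked, while
# real PDF readers may accept a "%PDF-" header further into the file.

MAGIC = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpeg": (b"\xff\xd8\xff",),
    "pdf": (b"%PDF-",),
}
EXT_TO_TYPE = {".gif": "gif", ".png": "png", ".jpg": "jpeg",
               ".jpeg": "jpeg", ".pdf": "pdf"}
ALLOWED_INLINE = {"gif", "png", "jpeg"}  # assumed policy: no inline PDF rendering


def sniff(data: bytes):
    """Return the type implied by the leading bytes, or None if unrecognised."""
    for kind, sigs in MAGIC.items():
        if any(data.startswith(s) for s in sigs):
            return kind
    return None


def check_attachment(filename: str, data: bytes):
    """Return (ok, reason); ok only if extension and content agree and are allowed."""
    dot = filename.rfind(".")
    declared = EXT_TO_TYPE.get(filename[dot:].lower()) if dot != -1 else None
    actual = sniff(data)
    if declared is None:
        return False, "unknown or missing extension"
    if actual is None:
        return False, "unrecognised content"
    if declared != actual:
        return False, f"declared {declared} but content is {actual}"
    if actual not in ALLOWED_INLINE:
        return False, f"{actual} is not rendered inline"
    return True, "ok"


# Constructed sample inputs (header bytes only, not real files).
SAMPLES = [
    ("cat.gif", b"GIF89a\x01\x00\x01\x00"),
    ("cat.gif", b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n"),
    ("doc.pdf", b"%PDF-1.7\n"),
]

if __name__ == "__main__":
    for name, blob in SAMPLES:
        print(name, check_attachment(name, blob))
```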
