That's exactly why I started scratching my head as to why the web entire security model assumes a trusted execution environment. That no longer makes sense in today's world.
Naively to me it looks like it's an artifact of 90s OS security model. The modern web, and the threats of the modern world require more stringent security facilities at the OS level to allow isolation of security context even to super users and specifically per program-origin, per identity, and per-process context isolation. Super users having the ability to read-write in any security context is no longer appropriate, at most super users should only be able to deny and delete, that's the only way to protect end-user privacy.
Sandbox escapes are part of most serious exploit chains nowadays. They make things harder for exploit authors but absolutely do not fix the problem at a fundamental level. iMessage runs in a sandboxed environment. Doesn't stop the exploit in the article from getting root.
Naively to me it looks like it's an artifact of 90s OS security model. The modern web, and the threats of the modern world require more stringent security facilities at the OS level to allow isolation of security context even to super users and specifically per program-origin, per identity, and per-process context isolation. Super users having the ability to read-write in any security context is no longer appropriate, at most super users should only be able to deny and delete, that's the only way to protect end-user privacy.