
Isn't the walled garden and locked down OS/hardware supposed to prevent these things?



>Isn't the walled garden

No, only real security helps; some dude reviewing GUI or business-related rules helps with nothing, and Apple's automated security checks are weak. Stronger sandboxes are needed in walled gardens, or walled gardens with a gate.


Only provably correct software would prevent such things.

A walled garden could make it simpler to enforce that only software proved correct can be installed, but without the proof, it does not guarantee much, only makes certain things less probable.

Writing provably correct software is now a rare and expensive engineering feat. Most consumer OSes have nothing of this sort, sadly. And I mean just the limited set of system software, not third-party installable apps, of course.


Formal correctness proofs are both unattainable and insufficient. We don't know how to do it at the required scale, and it doesn't save us from flawed formal specifications: we'll have the bugs in the formal requirements instead of in the code.

There are more cost-efficient and proven ways to effectively address these kinds of vulnerabilities, like limiting complexity, using programming language features to eliminate classes of bugs, using other verifiable engineering disciplines, and compartmentalisation. Proofs also have their place locally in verifying small components. But making this commercially viable would require large numbers of customers and users who are willing to make big compromises in functionality, features, third-party apps etc.


Limiting complexity is often not an option, because the complexity is of the subject area.

Things like image format decoders are easiest to produce formal analysis and proofs for. It's sadly still too expensive and slow to produce.

Fuzzing as a mandatory testing step could be useful in some cases.

I agree about bugs in specifications though :(


In this case limiting complexity would have worked: don't support frivolous amounts of image codecs (like the fax format here), just support 1-2, and make sure there is high assurance of the safety using known methods (security oriented code design, memory safe language, fuzzing, and sandboxing).
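The methods the two comments above name (fuzzing as a mandatory testing step; security-oriented code design, fuzzing and sandboxing around a small set of codecs) applied to a toy decoder, as an added example that is not from the thread and not Apple's or anyone's real codec code. The "RLE8" format, the function names and the sample byte strings are constructed for illustration; the unchecked variant is kept only to show the missing check next to its hardened form.

```c
/* Toy "RLE8" raster format (constructed for this example, not a real codec):
 *   byte 0: width, byte 1: height, then (run_length, pixel_value) pairs
 *   until exactly width*height pixels have been emitted.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#define MAX_PIXELS (255u * 255u)

/* The "before" shape: trusts run_length from the file. A run that overshoots
 * width*height writes past the end of out (heap or stack overflow), and a
 * header shorter than 2 bytes is read out of bounds. Shown for contrast; never
 * call it on untrusted input. */
int decode_rle_unchecked(const uint8_t *in, size_t in_len, uint8_t *out)
{
    size_t total = (size_t)in[0] * in[1];
    size_t pos = 0;
    for (size_t i = 2; i + 1 < in_len && pos < total; i += 2) {
        memset(out + pos, in[i + 1], in[i]);   /* no check that pos + in[i] <= total */
        pos += in[i];
    }
    return 0;
}

/* Hardened decoder: every length derived from the input is checked against the
 * output capacity before any write. Returns 0 on success, -1 on any malformed
 * input; *out_len is only meaningful on success. */
int decode_rle(const uint8_t *in, size_t in_len,
               uint8_t *out, size_t out_cap, size_t *out_len)
{
    if (in == NULL || out == NULL || out_len == NULL) return -1;
    if (in_len < 2) return -1;                        /* header truncated */
    size_t total = (size_t)in[0] * (size_t)in[1];
    if (total == 0 || total > out_cap) return -1;     /* empty image or caller buffer too small */
    if ((in_len - 2) % 2 != 0) return -1;             /* dangling run byte without a value */
    size_t pos = 0;
    for (size_t i = 2; i < in_len; i += 2) {
        size_t run = in[i];
        if (run == 0) return -1;                      /* zero-length run carries no pixels: malformed */
        if (run > total - pos) return -1;             /* run overshoots the image (also rejects trailing data) */
        memset(out + pos, in[i + 1], run);
        pos += run;
    }
    if (pos != total) return -1;                      /* pixel data truncated */
    *out_len = pos;
    return 0;
}

/* libFuzzer-style entry point. Build with -fsanitize=fuzzer,address (and drop
 * main() below) to run it for real; here it only documents the contract. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    static uint8_t out[MAX_PIXELS];
    size_t n = 0;
    if (decode_rle(data, size, out, sizeof out, &n) == 0 &&
        n != (size_t)data[0] * data[1])
        abort();                                      /* accepted input must yield exactly w*h pixels */
    return 0;
}

/* Tiny in-process mutation loop so the example runs without libFuzzer: flips a
 * byte of a valid seed (and sometimes truncates it) with a deterministic
 * xorshift32 PRNG, then checks the same contract as above. Returns the number
 * of inputs exercised, so a caller can confirm the loop completed. */
unsigned fuzz_smoke(unsigned iterations, uint32_t seed)
{
    static const uint8_t valid[] = {4, 2, 3, 0xAA, 5, 0x55};  /* 4x2 image, runs 3+5 = 8 (constructed) */
    static uint8_t out[MAX_PIXELS];
    uint8_t buf[sizeof valid];
    uint32_t x = seed ? seed : 1;
    unsigned done = 0;
    for (unsigned it = 0; it < iterations; it++) {
        memcpy(buf, valid, sizeof valid);
        size_t len = sizeof valid;
        x ^= x << 13; x ^= x >> 17; x ^= x << 5;      /* xorshift32 step */
        buf[x % len] = (uint8_t)(x >> 8);             /* mutate one byte */
        if (x & 1) len -= (x >> 3) % len;             /* sometimes truncate, keeping len >= 1 */
        size_t n = 0;
        if (decode_rle(buf, len, out, sizeof out, &n) == 0 &&
            n != (size_t)buf[0] * buf[1])
            abort();
        done++;
    }
    return done;
}

/* Small self-checks over constructed inputs; each returns 1 when the decoder behaves as intended. */
int sample_decode_ok(void)
{
    static const uint8_t good[] = {4, 2, 3, 0xAA, 5, 0x55};
    uint8_t out[64];
    size_t n = 0;
    if (decode_rle(good, sizeof good, out, sizeof out, &n) != 0) return 0;
    return n == 8 && out[0] == 0xAA && out[2] == 0xAA && out[3] == 0x55 && out[7] == 0x55;
}

int sample_rejects_overshoot(void)
{
    static const uint8_t bad[] = {4, 2, 3, 0xAA, 9, 0x55};   /* second run overshoots the 8 pixels */
    uint8_t out[64];
    size_t n = 0;
    return decode_rle(bad, sizeof bad, out, sizeof out, &n) == -1;
}

int sample_rejects_truncated(void)
{
    static const uint8_t cut[] = {4, 2, 3, 0xAA};            /* only 3 of 8 pixels present */
    uint8_t out[64];
    size_t n = 0;
    return decode_rle(cut, sizeof cut, out, sizeof out, &n) == -1;
}

int main(void)
{
    printf("good decodes: %d\n", sample_decode_ok());
    printf("overshoot rejected: %d\n", sample_rejects_overshoot());
    printf("truncation rejected: %d\n", sample_rejects_truncated());
    printf("fuzz smoke: %u inputs exercised\n", fuzz_smoke(10000, 42));
    return 0;
}
```

The hardened decoder never derives a write length from the file without first comparing it to what remains of the caller's buffer, which is the property a fuzzer with AddressSanitizer would otherwise have to find for you; the in-process loop is a stand-in for that, not a replacement for running a real fuzzer against the decoder inside a sandboxed process.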


"Beware of bugs in the above code; I have only proved it correct, not tried it." https://www-cs-faculty.stanford.edu/~knuth/faq.html


It prevents third parties from introducing these kinds of vulnerabilities, but it doesn't prevent Apple from introducing them. It just makes it really hard to find (and fix) them.


No. It is supposed to mitigate these things. In a complex real world system there's no such thing as perfect security.


No, it's supposed to make Apple's shareholders rich. It doesn't do jack (as the article clearly shows) for security.


Whoever advertised that, they lied. There's no actual way to prevent these things - aside from not participating at all.



