To some, holding software to the same standards we do everything else makes a lot of sense, but it's a lot more complicated than that. For starters, software is extremely complex and certainly not easy to completely lock down; even Linux is full of holes, albeit ones that usually get patched rather swiftly. Of course, with Linux, who would be to blame for a security defect, anyway?
In my view, the biggest reason for software companies to remain free of liability isn't the complexity of software itself, but the fact that software is regularly targeted by those with malicious intent. You can say software should be as secure and reliable as a car, or a bridge, or any other consumer product, but how many of those products would stand up to a specifically targeted attack?