
I think the main thing to discuss here is how, 25 yrs later, we're still getting overflow bugs.



It's a bit disappointing to still see overflows around, but at least blindly smashing the stack is no longer usually exploitable for modern systems with basic security.


I seem to recall there being some efforts to standardize "fixes" for C, and they never got adopted by anybody important, so the C development community kind of just failed hardcore to prevent it. IMHO it was never about the tools, it was about how we used them and the interfaces for common conventions.

Actually, I take that back: it is also the tools' fault. GCC should just refuse to compile any reference to strcpy().



