Should Software Vendors Be Liable for Flaws?
"Heightened concerns over security are leading many large companies to rethink the legal terms and conditions on which they purchase software. It has been fairly standard in the software industry to exempt vendors from liability for damages caused by flaws in their products.
For instance, vendors are contractually exempted from responsibility for damages that result from computer crashes or virus attacks that exploit faults in their software. Right now the push is coming from customers but some commentators suggest that there may be a need for regulation in the area.
Software vendors such as Oracle Corp., say they hope the industry can avoid regulation by responding better to customer demands for security. In the U.S., the changing attitudes are attributed to the tough new accountability and privacy rules such as Sarbanes Oxley and health information privacy."
From this Laws of .Com article.