Because the intent is the complete opposite, to add, not remove the bug... what else are they going to add, how many more headers are we going to end up with, what if the other browsers join in... this is not sustainable, but it's not supposed to be - they are betting on the fact that 99% of website owners will not even be aware of this issue let alone know how to configure their web server or be bothered to - it's purely for the purpose of saying "we allow you to opt out".

Saying "oh but we can thwart them with a header" is just naive, Google would like you to believe that. Look at the bigger picture.