. . . programmers should be blamed for poor security, not languages . . .

If the language makes the easiest way to do something also the wrong way, then I'd say you should blame the language. For instance, C makes it easy to overflow your buffers. By using a language that either has runtime bounds checking (like Java) or automatic growth of those bounds (like Perl), then you eliminate an entire class of bugs. IMHO, it is reckless to use C in a project that doesn't require use low-level details (which is most of them).

does it not alarm some of you?

I would imagine the same individual would have a lot of problems with languages that force you to predeclare vars by default, and with a static type system. That covers an awful lot of languages.

What can we as a community do to promote higher quality code?

Write good code yourself and share it with others.