This is like teams of foxes selling chicken coops and accusing the other teams of the improper placement of "No Foxes Allowed" signs. If third party cookies are bad, disallowing them should be the default, regardless of some policy header no user ever heard of or can decipher.
If they really cared, they'd include a way to disallow any third party resource without having to install a plugin like RequestPolicy. That would go a long way towards fighting tracking (and multiple exploits).
It is not in Googles or Microsofts interest to do that with their browsers. They both have a very large commercial interest in people using browsers that make it easy to track them.
This is the main reason I stick with Firefox. I don't want to use a browser built by an advertising company.
If they really cared, they'd include a way to disallow any third party resource without having to install a plugin like RequestPolicy. That would go a long way towards fighting tracking (and multiple exploits).