According to this article, CMU researchers Rahul Telang and Sunil Wattal present research showing that software makers’ stock falls in value when security flaws are announced. This does not mean that public software makers should cease making security flaw announcements; on the contrary, it promotes better development habits, testing and security awareness before product launch.
There are a lot of interesting findings referenced in the article. For example, security flaw announcements that come with a patch tend to have a significantly smaller negative effect on stock price than those that come without a patch available at the time of announcement. Software flaws tend to affect stock price less than defects in other types of products. Also, Microsoft’s stock price tends to fall a lot less when vulnerability announcements are made.