Fixing holes in software isn't as easy as just poping down to the shops to buy a new lock. If the problem affects quite a few people, and isn't fixable in a short space of time (time varies depending on severity), notify people then they can take steps to improve their security while the fix is being worked on, and may even help with the fix. A lock is not the only way to prevent access to your home, other steps can be taken if you suspect the lock may well be bypassable. If you aren't aware of the problem, you can't work around it, you can't take steps to fix it, you just keep on relying on it.
Following the same logic, it's not always as easy to protect your system if there is a known hole, as it is for you to fix the security of your house in the event of a broken lock. In fact, you assume that you always can fix it yourself, or find a way to get around the bug until it is fixed. But let's face it, sometimes there's really nothing you CAN do until the vendors release a fix. So, on those lines, I still hold that it's better to be quiet than it is to let all of the hackers know.