There's a significant difference between Superfish, an intentionally installed application that deliberately mitigated security features in browsers to inject ads, and a security flaw that arose from poor design or a lack of good QA process. The latter are sloppy but ultimately an inevitable part of complex design; the former is an obnoxious lack of respect for your customer that deserves a serious penalty in damages and a complete reset of your brand's goodwill.
That said, I think there's an argument that customers being in a position to sue over security flaws might not be such a bad thing. It might push companies to make security and privacy important features rather than second-class add-ons.
Any argument you make will contradict itself, because you make it a subjective matter. So choosing superfish could be seen as a lack of good QA process.
That said, I think there's an argument that customers being in a position to sue over security flaws might not be such a bad thing. It might push companies to make security and privacy important features rather than second-class add-ons.