If Howard Dean came out and said he liked Microsoft, would you see that as something to hang your hat on?
There is a good chance this study is meaningless because its metrics measure not real security but the way the two OS's are updated and how security threats are reported. I think its lame to get all excited about that. Honest, this metric has more to do with Microsoft believing its pointless to tell folks there is a whole and they don't have a fix. Where as Linux screaming, "Here is a hole!," is the way the hole gets fixed.
I will take a seasoned Sys Admin over a university prof in Computer Science any day. Gees.