I don't think the tree, as opposite to sequential hashing, adds any security.
Consider the possibility of using SAT solvers for Bitcoin mining. I think double SHA-256 is unpenetrable for the current generation of solvers, but let's assume things will change
BTW, if such progress will come from academic world, we can expect RSA challenge to be solved first, this will be a good warning for Bitcoin community. SAT solvers work by exploring 'easy' area of potential solution space first, postponing 'hard' part for latter. Now, imagine that there are many solutions for valid block hash - SAT solver will be more effective in such situation. But with current difficulty there are something like 67 required zeroes in resulting hash value and only, say, 32+10 free variables (32 bit nonce and may be lower part of time field), so there aren't many solution, on the average the equation system will be compatible once per 2^25 attempts. Straightforward way to use SAT solver for mining puts it into disadvantage. To provide more free variables one can use data bits inside or around transaction. Obvious candidate is input of coinbase transaction of an empty block (and nonce2 will be huge in such case), but sequential hashing allows using the last transaction of non-empty block for this purpose. Well, OK, that's rather a speculation right now, let's watch for a progress in SAT solvers development
But it decreases number of steps you need to perform in order to recalculate the output hash value, when only one element is changing. If you're a miner and need to apply a new TX to a block - with the tree it can go faster.
To quickly change Merkle root value one can swap two children of some inner node, the only requirement is keeping coinbase transaction the first - instead of increasing nonce2 or adding new transaction. See, no need to actually change elements
