Well, actually, popular programs have bugs, so unless your (software) firewall updates with a new patch quite often, and you ALWAYS keep it up to date, they don't help much.
Remember, 99% of 'hackers' are just script kiddies. They just kick it to places like blacksun.box.sk and read a few tutorials, and learn how to exploit older versions of programs, such as windows/pc anywhere/firewalls, etc etc.
If you keep everything up to date, unless someone really knows their stuff, you are untouchable.
Here are your friends for windows:
http://www.microsoft.com/technet/tre...ty/default.asp
For security updates specifically, and IE exploits.
And of course:
http://windowsupdate.microsoft.com/
Critical updates cover the broader security problems too.
Keep up to date on this stuff. Running a firewall pretty much sets off a siren to script kiddies. "Look! i have stuff which important and cool on my computer, and I need to protect it!" Makes it fun for them to hack in.