Just because a lot of exploits carry themselves across ports that your firewall keeps open for other services doesn’t mean they are useless. Advising Windows users not to use firewalls just because it creates a false sense of security is just not solid reasoning. Your machine will be clogged with traffic from pinging zombies (who now know you are there, as many firewalls run in stealth), and then there are all the exploits that will now be free to roam all those ports you used to have closed.

At the least, firewall use narrows the focus, leaving your software vendor to patch vulnerabilities in their own products.