(taken from theregister.co.uk)
A recent post (http://www.securityfocus.com/archive/1/326371/2003-06-24/2003-06-30/2) on Bugtraq has revealed a serious flaw in the core design of the freely-available personal firewall ZoneAlarm running on MS Windows. Thanks to the Win32 ShellExecute function in Windows, ZoneAlarm could theoretically be tweaked into opening an unsecured Internet connection and leaking information into web servers anywhere. ..more (http://www.theregister.co.uk/content/55/31481.html)
ever trusted Zonealarm anyway.
Got a lot more reports of people trying to get in when I used a different firewall.