Well, I would not call this exposure or how do you know that someone found out the IP address through usenet. The internet is frequently scanned by all kind of scam for vulnerable systems. Couldn't it be just as well a coincidence? (I am not saying that it was not because of the usenet post, it just seems unlikely to me and I am curious about this...)
This is IMHO impossible and I'm sure everyone else will agree unless it was a vulnerablity of the TCP/IP stack itself. If it was the stack then it remains questionable if a software firewall on the same computer using the same stack would have a chance to protect you. An external firewall seems not to help either here because if it was some kind of illegal IP packet I would assume that your ISP's router would dump something like that long before it gets to you...
So I still don't see how your computer has been hacked from the outside without you doing something even if it is just clicking on a link in a post or maybe a HTML post/email with included picture... A computer that does not have open ports is not vulnerable to simple hacking from the internet, it would run for months and years safely just like that.
There is lots of information about why people need PFW although it is not generally true either. The cert URL does recommend an external firewall. They don't really say why except the general assumption which are true for any system just because it is easier to install something else then to reconfigure a system so that nothing is listening.
Gerald