While it is true that actual hackers aren't likely interested in your particular system, unless you given them reason to be, there are still plenty of automated probe programs that seek out random computers and hijack them.
Given Microsoft's rather lax nature about patching security exploits in its software, simply having all the latest patches installed isn't always good enough. This is where a firewall would come in. ZomeAlarm and it's like are rather pitiful examples of a firewall, but they do a decent enough job of blocking the automated probes mentioned earlier.
I tend to prefer the firewall you'd find in a router myself. For one, most routers today have a firmware based on Linux, and so make use of the excellent iptables firewall. At the very least, they're usually stateful firewalls, which are considerably better than the like of ZoneAlarm which is stateless. Secondly, the firewall is running on its own dedicated hardware. I don't have yet another program vying for my system's resources. Third, I can set one policy and have it affect any number of systems behind that router's firewall. Four, I'm not bothered by repeated pop ups that are worded in such a way as to scare the security illiterate into thinking they would be better protected by buying the pay version of the software, and then any other services that company might offer. Five, bugs in a router's firmware aren't nearly as disruptive as bugs in a software program running on my computer. I could go on, but I think the point is clear.
One of the best things you can do for securing your computer, is to not use Internet Explorer or Outlook/Outlook Express. The latest security threat is spyware (and others have a veritable cornucopia of other terms for slight variations). That is, little programs that sit silently on your computer, monitoring your activity and reporting back. Some of these could easily be used to steal bank and credit card info, as well as everything needed to commit identity theft. The primary means by which these programs get on your computer, is Internet Explorer and Outlook/Outlook Express. So, to limit the avenues of these programs infesting your system, it's strongly advisable you use one of these three browsers (all others are based on IE). Mozilla Firefox, Seamonkey or Opera. All three are free, all three should pick up most of your IE settings (including Favorites), and all three currently have no known vulnerability to spyware. You can pretty much have your pick of email clients, but I might recommend Mozilla Thunderbird or the supplied email program with Seamonkey.
If you want to see if/how much spyware you currently have on your system, try downloading the program Ewido and seeing what it finds. If it finds anything, you'll also want to download AdAware, Spybot S&D, and Microsoft's Anti-Spyware. Sadly, no one program will clean up everything. Any problems with these programs, or getting rid of some pests, can be posted over on the security forum here.