I guess it's cause it's windows and using it is compromised security to begin with.
I just wonder if it is windows firewall that closes port 21, instead of making it 'invisible' (I test this with grc.com)
Unless you're running as an admin without UAC, Windows's security flaws are just exploits and user related (mostly user related). Then again, I'd blame the user for running as an admin and without UAC. Anyway, port 21 is for FTP connections. This is blocked by default by most firewalls IIRC in favor of SFTP. Or something. Either way, FTP is an insecure open connection, you shouldn't be using it.