@GoddersUK: If it's only ever listening on the loopback address, it's not even an issue to begin with. The network stack will ignore packets claiming to be destined for 127.0.0.1 that come from a remote machine long before any application sees them.

If it's listening on all addresses but you use WF to block communication from outside, without it breaking, then again you're safe (although the software probably shouldn't have done that in the first place) and I'd carry on using it in that config.