[kbenson]

There were versions of windows, 2000 if not XP, that could and would get infected in-between the time the network stack initialized and the local software firewall initialized a second or two later. This was actually addressed and fixed, because it was not a unique experience. That's how pervasive and wild the exploit network traffic was before MS got their act together.

Edit: My google-fu is failing me, and I can't find the right keywords to find a reference to this, but I distinctly remember it. Back in the days when firewalls weren't quite as pervasive, and especially not for small colo deployments.

[ConceptJunkie]

I saw this first-hand when installing Windows 2000 using Parallels circa 2006. I mistakenly believed the configuration I had chosen had the VM behind the Mac's firewall, but it wasn't. The VM was infected before Windows 2000 could install the latest updates... just a matter of minutes.

This is not as extreme as you are describing, but it was also on the corporate network of a large company, not the open internet.