Unlike the current Windows XP SP2 Firewall which only watches incoming data, the new Windows Firewall in Windows Vista supports both incoming and outgoing traffic. Unfortunately, Microsoft will turn off the ability to block outgoing traffic by default and set the new firewall to block incoming traffic only. Microsoft is doing this at the request of corporate customers and government departments who would like to manage this feature from an administrator level.
Configuring the Vista firewall to stop local spyware from connecting to the internet won't be an easy job. Though Microsoft is citing corporate users as a reason to limit the Vista Firewall, I am not really convinced with their arguements.
Reason: Microsoft plans to release several different versions of Windows Vista for home and business users - if their business customers are requesting a feature, why don't they incorporate it only in the Vista Enterprise or Vista Business editions ? Why touch the Vista Home editions ?
Business users have a whole army of software engineers who understand the technical details but isn't it unfair on the part of Microsoft to expect a grandmom read the Microsoft Technical Manuals for enabling the firewall.
I also feel that Microsoft's decision to disable both-sided firewall by default is connected to their anti-piracy efforts. Maybe in future, Microsoft plans to release software or service packs that tries to phone home to check if they are genuine copies - Microsoft doesn't want to provide an easy tool to people (the Vista firewall) that could block such initiatives.
In any case, Microsoft is unnecessarily making simple things complicated for the average home user who honestly buys software from the shelves. At least Norton or Zone Alarm developers won't be complaining.
Choose the right firewall - Vista vs Zone Alarm vs XP SP2 firewall
Source: Microsoft takes down barrier in Vista Firewall