In fact, Windows builds with -DGAPING_SECURITY_HOLE is pretty much the reason why Windows virus scanners detect nc.exe. (The #define enables the -e flag, which starts processes with stdio redirected over the network when the connection succeeds.)