I checked with "Active Ports" - K-M is indeed opening internal ports, which are connected to 127.0.0.1, i.e. talking to other modules within your local PC. This is very different than software listening on an external Internet port, and should not represent a security exposure.
If open ports are detected, then you need to re-configure your system to eliminate them, but K-M is not the culprit.
If you want to test your security, BTW, there are much more thorough sites available than Gibson Research - try
http://www.securityspace.com/sspace/index.html and run through their free exhaustive test sequences - you will probably find a lot more vulnerabilities than Gibson tests. As an example, my firewall was responding to Ping, Ident and Traceroute requests, none of which were visible using the Shields Up page...