To block responses containing Windows executable content
In the console tree of ISA Server Management, click Firewall Policy.
In the details pane, click the applicable access rule or Web publishing rule.
On the Tasks tab, click Edit Selected Rule.
On the Traffic tab (for Web publishing rules) or on the Protocols tab (for access rules), click Filtering, and then click Configure HTTP.
On the General tab, click Block responses containing Windows executable content.
To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.
For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.
When you select this option, responses in which the first word of the downloaded binary file is MZ are blocked. For example, all .exe files are blocked, but .com and .pif files are not blocked.
After you click Apply in the details pane, the policy is updated. The new policy applies only to new connections.