This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 30%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Hello, today is the first time I ask for help, sorry if I don't write in the right forum.
In my company we have Intune implemented and we want to block the execution of .exe programs (portable executables) but I can't find information on how to do it, could you help me?
All the best
Can you clarify you question here? Are you trying to block specific EXEs or all EXEs?
All EXEs are ultimately portable so not sure exactly what that caveat means in your question although I assume you mean portable applications. If so, there's nothing unique about these EXEs; they just aren't formally "installed" and thus there is no way to only block EXEs associated with a "portable" application as this isn't a formal, technical construct that can be evaluated. Basically, all EXEs are created equally so there's no way to distinguish those associated with a "portable" app from those associated with an "installed" app.
If you have a list of specific EXEs that you want to block, then you can use either AppLocker or App Control.
References: