There is a lot of discussion goiung on regarding the VML-0-day at the moment. Wonder how you could use ISA Server to mitigate those attacks?

Read yourself: http://www.microsoft.com/technet/isa/2006/how-to-block-vml.mspx

If you want to automate it (unsupported but by a guy, knowing what he is doing):

http://www.isatools.org/block_vml.vbs

Roger