There's more to it than that, actually...
It basically blocks out any executable content.
If somebody installed a scripting system on the computer that used a non-standard extension, then you might be able to sneak through that, but you wouldn't be guaranteed of catching most windows users.
"He who fights with monsters might take care lest he thereby become a monster. And if you gaze for long into an abyss, the abyss gazes also into you." - Friedrich Nietzsche