I created this script to simplify the process of restricting access to high risk extended stored procedures. It will find any user or role which has execute permissions on any of the stored procedures in the "#High_Risk_Stored_Procs" temp table and will generate the relevant revoke statements to remove those permissions.
The current list of stored procedures was taken from "SQL Server Security" by Chip Andrews, David Litchfield and Bill Grindlay. But you can easily insert additional stored procs into the "#High_Risk_Stored_Procs" temp table.
To use just change your query results to Text and copy and past the results into a new query window.
N.B. Remember to test this in your development environment first and keep a copy of the revoke script so that you can easily roll back.
When doing bulk data changes it may be beneficial to disable indexes prior to starting the operation. Fortunately, SQL's rich metadata makes this very easy to automate in a robust fashion.