Microsoft GDI+ is prone to a heap-based buffer-overflow vulnerability because the vector graphics link library improperly processes gradient sizes. Successfully exploiting this issue would allow an attacker to corrupt heap memory and execute arbitrary code in the context of the currently logged-in user.
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from a successful exploit.
Do not accept or execute files from untrusted or unknown sources.
Attackers may exploit this vulnerability through a malicious image file. Users are advised to avoid files sent in unsolicited or unexpected email attachments or instant messages.
Do not follow links provided by unknown or untrusted sources.
Attackers may exploit this issue via a malicious site. Users should be wary of visiting sites of questionable integrity, especially if solicited to do so by an untrusted or unfamiliar site.
Implement multiple redundant layers of security.
Various memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may hinder an attacker's ability to exploit this vulnerability to execute arbitrary code. Host-based intrusion-prevention systems may also help prevent exploits.
The vendor has released an advisory and updates. Please see the references for more information.