not that I know of.
If we're talking a new device, you could use 802.1X or mac-security on the switch port.
As for devices already on the vlan, use an OS that can lock out users from the network settings.
As for the affect, it would be gradual unless a large number of pc's fired up at the same time. PC's already using the current default gateway would keep using it, dependent on usage and arp timeouts of course. Should be enough time to jump on the issue before it gets out of hand.