Pass the hash solved or not?

Microsoft released KB2871997 to address the “Pass the hash” vulnerability, but according to the following blog post pass the hash is still possible using the local Administrator account (SID 500):


Property Owner is not available for Database.

Sometimes when you try to open the properties dialog for a database the following error message is displayed:

“Property Owner is not available for Database ‘[<database>]’. This property may not exist for this object, or may not be retrievable due to insufficient access rights.  (Microsoft.SqlServer.Smo)”

This error happens when you are trying to access the database options and the database doesn´t have a database owner. This usually happens when the database owner user was deleted and a new database owner hasn´t been assigned to the database.

Assign a new user to the database using sp_changedbowner, for example:
use <databasename>
sp_changedbowner ‘sa’

The following query lists possible database owners that can be assigned to the database:
from sys.[databases]
inner join sys.[server_principals]
on [databases].owner_sid = [server_principals].sid

There are lots of other blogposts about this issue, here are a couple of examples: