Publicly-reported instances of ETW Tampering bypassing endpoint security products. Maintained on the same basis for every technique in the Index.
| Product | Entries | High-confidence | Most recent |
|---|---|---|---|
| Microsoft | 1 | 0 | 2026-05-19 |
| Product | Confidence | Disclosed | Source | |
|---|---|---|---|---|
| Microsoft | medium | 2026-05-19 | medium.com | record → |
Counts reflect distinct publicly-reported events on record; absence of an entry means no confirmed public report is on file.