Trusted Execution Environments are a promising solution for solving the data privacy and trust issues introduced by cloud computing. The biggest threat to TEE security are side-channel attacks, of which single-stepping attacks proved to be the most powerful ones. Prior work has shown single-stepping for Intel SGX and AMD SEV, leading to devastating attacks. To overcome these security issues, in 2023 Intel released countermeasures for both SGX and TDX. In this talk, we analyze the single-stepping countermeasure of TDX and show that it is flawed. To this end we show two attacks primitives: full single-stepping and StumbleStepping. While single-stepping allows a controlled interrupt of the trust domain after every instruction, StumbleStepping cannot control the exit of the trust domain but still leaks the amount of executed instructions. For both, we demonstrate attacks against the ECDSA implementations in wolfSSL and OpenSSL. Finally, we discuss how single-stepping countermeasures could be improved to avoid leaking side-channel information from vulnerable software to attackers. While secure software should not use secret-dependent control flow in the first place, history shows that completely avoiding it is very error prone, especially if the attacker can observe instruction granular traces. Furthermore, avoiding secret-dependent control flow quickly becomes infeasible for non-cryptographic applications that compute on private data, e.g. image processing. This is especially critical since TEEs nowadays tend to be used for isolating complex software stacks instead of small, dedicated applications.