I wonder how related to Microsoft Pluton this change is. I suppose it's going to be very beneficial for Microsoft to have a security chip to rely on for all sorts of uses, beneficial to the end user or very much not. This change may or may not be a precursor. Personally, I've always disabled TPM on Windows machines — I've never seen any benefit in keeping it enabled and possibly letting applications use it against me, furthermore the decent-against-thefts-on-non-critical-devices BitLocker (in its GUI form, CLI doesn't need the registry fix) really wants you not to use a password to decrypt the drive.