Well it's "Trusted Computing" all over again
This is just one part of a larger concept.
1. It will bring _no_ benefit to security, as it'll be working in the wrong places. For example you will still be able to exploit a browser to steal cookies and such or install any form of spyware/adware. In fact certain players in the field will probably even get their malware propperly signed. No malware today actually accesses the hardware since that would be rather stupid. If you are already "System" on that system, you have already won. Since nobody re-installs Windows regularly, you are even persistent on that machine.
2. As a side effect it'll limit the software you can run on those machines. For example FOSS will probably not run on such a machine as it will eventually not run any unsigned code. There may be a temporary figleaf solution where Microsoft signs a generic bootloader, but since that completely breaks the chain of trust, it'll likely be advertised as a huge security problem and removed.
3. The area it will make sense is DRM. If Microsoft can limit the access to your hardware, they can potentially keep you from grabbing DRMed streams.
There should be laws against this sort of thing, and actually in Germany that would clash with your basic right of "Integrity and Confidality of Information Processing Equipment" as derived by the constitutional court some years ago.