
This is what the "trusted environments" on chips can be used for, which are currently at least used for DRM (but who knows what else). This is something people like Richard Stallman and Cory Doctorow have warned for years - that allowing them to DRM your machine at the hardware level, inevitably means the machines will eventually be used against you for different purposes, including surveillance or censorship.

This is exactly what the NSA is implying when they say they want to be the "anti-virus of the Internet". TPM will allow Microsoft and/or NSA to remotely disable viruses from every computer - and of course anything else they want - anywhere in the world, and that's how they will promote it to normal people: "It will make you safe".




All that is correct, but it needs (a) support in software and (b) the outside party having secret values mathematically related to the "attestation key" embedded in the TPM. The OS designed for this kind of system then uses the TPM to verify the signature, hash or whatever of software, and would either shut down any unapproved software or deny access to the DRM'd data.

I don't know whether Windows 8 is like that, but anyway you can opt out of it by using an OS that doesn't support any remote control. In many BIOSes you can turn TC support off.

Here is the formerly canonical, maybe dated now, overview of TC: http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
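The measure-then-attest flow the comment above describes, as an added sketch that is not part of the thread: each boot component is hashed into a PCR-style register, and a remote verifier accepts only a signed, fresh report of an approved value. The names, boot chains and key are constructed for illustration, and HMAC stands in for the asymmetric attestation-key signature a real TPM produces.

```python
import hashlib
import hmac

KEY = b"constructed-demo-attestation-key"  # stand-in for the TPM's attestation key
GOOD_CHAIN = [b"firmware-v1", b"bootloader-v1", b"kernel-approved"]  # constructed
TAMPERED_CHAIN = [b"firmware-v1", b"bootloader-v1", b"kernel-modified"]  # constructed


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA256(old PCR || SHA256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure(chain) -> bytes:
    """Fold a boot chain into one register, starting from 32 zero bytes."""
    pcr = bytes(32)
    for component in chain:
        pcr = extend(pcr, component)
    return pcr


def sign_quote(pcr: bytes, nonce: bytes, key: bytes = KEY) -> bytes:
    # Assumption: HMAC replaces the real asymmetric signature (stdlib only).
    return hmac.new(key, pcr + nonce, hashlib.sha256).digest()


def attest(chain, nonce: bytes):
    """Device side: report the measured PCR and a signature bound to the nonce."""
    pcr = measure(chain)
    return pcr, sign_quote(pcr, nonce)


APPROVED = {measure(GOOD_CHAIN)}  # verifier's allowlist of known-good PCR values


def verify(pcr: bytes, nonce: bytes, sig: bytes) -> str:
    """Verifier side: check the signature first, then the policy."""
    if not hmac.compare_digest(sig, sign_quote(pcr, nonce)):
        return "bad-signature"  # forged PCR value or replayed quote
    return "approved" if pcr in APPROVED else "denied"


if __name__ == "__main__":
    for name, chain in (("good", GOOD_CHAIN), ("tampered", TAMPERED_CHAIN)):
        pcr, sig = attest(chain, b"nonce-1")
        print(name, pcr.hex()[:16], verify(pcr, b"nonce-1", sig))
```

Changing any component, or the order of components, changes the final register value, which is why the verifier's decision depends on the whole boot chain and not only on the last program loaded.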



