
Remote attestation is for identifying yourself to a remote that has already agreed to trust you previously. If the remote has already agreed to trust device foo based on its TPM's EKpub, then foo's TPM can later prove that it's foo by signing something with its TPM's EKpriv. There still needs to be some prior out-of-band registration to register foo's TPM's EKpub with the remote.

It makes sense for, say, an organization that provides the devices its employees use, because the organization can pre-register those devices' EKpubs in its servers and refuse to acknowledge any device that can't attest. But in the case of Windows, presumably MS is not going to become the single source of all Windows computers.

At best, they might register your device's EKpub when you install Windows and create a MS account or something, but if you already had a backdoored TPM at the time, that backdoored TPM is what will get registered.

It is also possible that MS could require a TPM with an EK certificate that is chained to a set of CAs based on some popular TPM manufacturers. That would certainly prevent you from using any device that doesn't have a "real official" TPM, but I feel this would be quite overkill of MS to do. Then again I would've said the same about an OS that requires a TPM in the first place, but here we are...
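
The registration-then-challenge flow the comment describes, as an added Go example that is not the commenter's code: a verifier enrolls a device's EKpub out of band and later accepts only a signature over a fresh nonce under that enrolled key, so an unregistered device, a different key claiming to be foo, and a replayed signature are all rejected. It follows the comment in treating the EK as a signing key, which is a simplification (real TPM 2.0 attestation signs with a separate attestation key bound to the EK), and it does not model the EK certificate chain check mentioned later; the names Device, Verifier and foo are the example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Device models a TPM holding an EK keypair; EKpriv never leaves it.
type Device struct{ ek *ecdsa.PrivateKey }

func NewDevice() (*Device, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return &Device{ek: k}, err
}

// EKPub is the only thing the device hands over during out-of-band registration.
func (d *Device) EKPub() *ecdsa.PublicKey { return &d.ek.PublicKey }

// Sign answers the verifier's challenge with EKpriv (the "prove it's foo" step).
func (d *Device) Sign(nonce []byte) ([]byte, error) {
	h := sha256.Sum256(nonce)
	return ecdsa.SignASN1(rand.Reader, d.ek, h[:])
}

// Verifier holds the registry of EKpubs it agreed to trust beforehand.
type Verifier struct{ registry map[string]*ecdsa.PublicKey }

func NewVerifier() *Verifier { return &Verifier{registry: map[string]*ecdsa.PublicKey{}} }

// Register is the prior trust decision: whatever key is enrolled here, including one
// from an already-compromised TPM, is what every later attestation is checked against.
func (v *Verifier) Register(name string, ekPub *ecdsa.PublicKey) { v.registry[name] = ekPub }

// Challenge issues a fresh random nonce so a recorded signature cannot be replayed.
func (v *Verifier) Challenge() ([]byte, error) {
	n := make([]byte, 32)
	_, err := rand.Read(n)
	return n, err
}

// Attest accepts only a signature over this nonce that verifies under the EKpub
// registered for name; unknown names and non-matching keys are rejected alike.
func (v *Verifier) Attest(name string, nonce, sig []byte) error {
	pub, ok := v.registry[name]
	h := sha256.Sum256(nonce)
	if !ok || !ecdsa.VerifyASN1(pub, h[:], sig) {
		return errors.New("unregistered device or signature does not match registered EKpub")
	}
	return nil
}
```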



Doesn't Google now sort of operate at that level with Android, now that they're slowly moving over to hardware-based device integrity attestation?



