zlacker

1. hackus+ (OP) 2017-04-29 06:29:07
Is what you're describing essentially a trust anchor / root of trust, as implemented in TPMs? I realize that TPMs aren't implemented exactly as you describe, but they are designed to be vulnerable only to physical attack, not software attack.

I ignored the (negative) hype and looked into TPMs recently, and I encourage others to do the same.[0] They look like excellent solutions with the important exception that two of the three key hierarchies, the platform hierarchy and endorsement hierarchy, appear to be fundamentally in the vendor's and not in my control (the latter hierarchy can be disabled, as I understand it, but its functionality is then lost). It's surprising that enterprise IT would tolerate that - I'm not sure I will - but perhaps they can have the manufacturer deploy the corporation's keys in the roots of those hierarchies.

Also, the TPM's security as a trust anchor depends on its implementation. They look good in theory, but I have no idea if the various vendors actually implement them effectively.

[0] By far the best source I found is A Practical Guide to TPM 2.0 - Using the Trusted Platform Module in the New Age of Security by Arthur, Challener. It's also recommended by the Trusted Computing Group, the authors of TPM.

2. nickps+M 2017-04-29 06:52:43
>>hackus+(OP)
You're getting the idea. The difference is that what I described leaned more toward replaceable, open hardware and user control of process than TPM. The TPM scheme was designed fairly well for an industry project but is meant to include lowest cost, DRM, and software stack.