Simple
Enable it by default to block rootkits for the PC World crowd, allow it to be turned off for the advanced users who want to install other OS's. Pretty simple really, and an approach the OEM's will no doubt take to appease both MS and more savvy consumers.
I see this as a good move against the army of rootkit induced bots living on grannys laptops.
Biting the hand that feeds IT
