Hall: IBM, Red Hat and Free Software: An old maddog’s view

The way WSL2 works is that there's a single kernel instance running under hyperv, and all WSL instances are separate pid/mount/etc namespaces running on that same kernel - what some might call a container. So it makes sense to provide directly that kernel build, so that it gets security updates and such from windows updates. After all, a security breach in the kernel could allow a WSL payload to attack the hypervisor and then the host OS, among other reasons. And the integration with the host can be carefully controlled, and set up by what you might call the container manager. If the kernel came from the distribution itself instead, then it would be a full segregated VM, and the integration would be quite different.