You can edit your local Group Policies by running gpedit.msc (first part of point 1, the Group Policy Management Console)
I would suggest doing the settings like they show them in the screenshot (point 5).
The important stuff is to enable Credential Guard Configuration. Be aware: Do NOT enable Virtualization Based Protection of Code Integrity, leave it set to Not Configured otherwise this may run you in really big troubles (chances are low, but who knows).
Reboot afterwards.
You can simply revert this change by setting to radio button back to Not Configured and reboot.
Note 1: Enabling this could cause troubles with connecting to WiFi, if the WiFi you want to connect to only supports old authentication methods (which are known for being insecure for years now) you canāt connect to it.
Note 2: If your device is joined to a Domain, these settings could possibly be overwritten by GPOs set by your admins.
Iāve encountered the exact same issue today. Docker refuses to work on both the WSL2 and the old virtualization engine. Manually installing wsl fails. Iām getting the same errors as OP.
Disabling Intel Trusted Execution Technology in BIOS has allowed Docker and Hyper-V to work!
Hypervisor is now reported as present, where previously it wasnāt.
Iām not sure what you are trying to say, but pretty sure that a few weeks of frustration could have been avoided if the setting was not enabled by default or if the support team wouldnāt keep telling me itās a software issue. And by support, Iām not referring to this thread.
Youāre asking for the OOTB security posture of the product to be lowered out of the box for everyone due to a 3rd party software execution requirement. The length of time of the frustration was a knowledge-base issue. (i.e. if you had known about it, on day x, then the frustration period is a derivative of x) Thereās some degree of accountability here for the insufficient knowledge as an end-user. The relationship of docker is with you, the end-user, not between Docker and Framework. Older BIOS implementations had TXT disabled, Secured Boot disabled. However, the security landscape is changing (as always). and Secured Boot is enabled by default for many new laptop models. Itās the direction of better security posture out of the box (enabled security feature by default, then disable security feature as needed per endpoint)
Secondly, if anything, the āsupportā should have come from Microsoft for Hyper-V and from Docker for docker. Itās not up to laptop manufacturers to know / aware of 3rd party software requirements.
Regardless of your wishes, Iām glad that youāve found the solution.
