The detail missing is that those DLLs are COM servers, so it isn't really doing injection rather the standard COM RPC.