threatpost[.]com/windows-atom-tables-can-be-abused-for-code-injection-attacks/121589/
The article talks about another way that a malicious app can get away with doing bad things & not be detected by your security apps. On its own that app doesn't try to phone home, doesn't try to change anything or do anything that might cause security software to notice -- it does inject code into a regular, innocent process, hijacking it to do the dirty work. But as it is an innocent process, & your security software Knows it's an innocent process, there are no red flags or alarms.