If your process is spawning the process into which you want to inject code, things get a little easier. For one, your process (the parent process) can create the new process suspended. This approach allows you to alter the child process’ state without affecting its execution, because it hasn’t started executing anything yet. But the parent process also gets a handle to the child process’ primary thread. Using this handle, you can alter what code the thread executes. You can solve the problem mentioned in the previous section because you can set the thread’s instruction pointer to execute the code in the memory-mapped file.

Here is one way for your process to control what code the child process’ primary thread executes: ...