One Day Sec

What is the main advantage of using DuplicateHandle over process injection for deleting a single EVTX log entry?

The main advantage is that it avoids injecting code into `svchost.exe`, the process that holds the event log open and that is covered by process protection on newer Windows versions. The method, detailed in "Windows XML Event Log (EVTX) Single Log Entry Deletion (Part 5)", instead enumerates all running processes to find the existing handle to the log file and duplicates that handle into its own process with `DuplicateHandle`, obtaining the required access without having to bypass injection protections or perform any inter-process communication.
Tags: DuplicateHandle, process injection, svchost.exe, handle duplication