SVCHOST is a shell program or a generic host that is used to execute Microsoft Windows services.
Specifically speaking SVCHOST is a host program that provides a platform for .dll files for execution.
Programs such as windows defender and windows updater use the SVCHOST service for their execution.
SVCHOST was created when Microsoft replaced the .exe files of windows with .dll files.
The decision was made because the .exe files were not reusable nor extensible or scalable. So to improve efficiency and reusability .dll files were introduced.
But the problem was that .dll files cannot be executed directly. So a platform was needed that would execute these .dll files, and so the SVCHOST generic host was created.
A single SVCHOST can be used to host multiple windows services, usually related or relevant services are combined together on a single SVCHOST.
At a single instance, more than one SVCHOSTS service is running. The SVCHOST can be also used by some viruses and malicious programs due to its generic functionality.
SVCHOST is a flexible and scalable platform for running windows services. There might be multiple instances of SVCHOST running at a single time, each instance hosts its own service.
While once an instance is providing its services to an application or a program another instance can be launched at the same time to host another service. That’s why we see multiple SVCHOST processes in the task manager’s processes tab.