See the question and my original answer on StackOverflow

The main purpose is to benefit from COM+ application contexts.

CoGetObjectContext for IObjectContext or IObjectContextActivity will return E_NOTINTERFACE from pure in-process component, while it will successfully work in a COM+ library application (and a server application of course).

The security context is also available through CoGetCallContext for ISecurityCallContext.

It has nothing to do with performance or isolation.

As a site note, one way to check what's available to COM+ library applications is to run dcomcnfg.exe navigate to Component Services, Computers, My Computer, COM+ application, create a new library application and check what's still enabled (as opposed to a server application).