Inspecting Windows Updates

If you're curious or paranoid, you might want to know what files a certain Windows update contains. Every Windows update has a KB article number, and that article - publicly accessible online (support.microsoft.com/kb/number) - contains a list of affected files. Sometimes this list is in the article itself as a table; sometimes it's downloadable in CSV form.

If you're extra paranoid, you can download the MSU (standalone update package) from the KB article. Use wusa to expand it, like so:

wusa C:\full\path\to\update.msu /extract:C:\path\to\destfolder

That folder will then contain an XML document listing the CAB packages to install as well as an install order text file if the update runs commands directly. You can extract the CAB files with WinRAR or the expand utility. Inside each of those is one XML document listing the affected files (usually inside WinSxS); many files have a manifest that does things like creating hardlinks or shortcuts.

This post was adapted from an answer I wrote on Super User.