MSU kb files in wikileaks vault-7

[Nomen]

I'm decrypting the wikileaks Vault-7 file released last night, and I'm seeing a bunch of MS .MSU files inside this 500 mb archive.  I'm not sure what this means or why they're there.  These are somehow related to the CIA and their ability to hack various platforms, phones, and OS's.

 

Edited March 7, 2017 by Nomen

[Nomen]

These are the files:

IE10-Windows6.1-KB3032359-x64.msu
IE9-Windows6.1-KB3032359-x64.msu
Windows6.1-KB3000483-x64.msu
Windows6.1-KB3004361-x64.msu
Windows6.1-KB3013455-x64.msu
Windows6.1-KB3019215-x64.msu
Windows6.1-KB3019978-x64.msu
Windows6.1-KB3020387-x64.msu
Windows6.1-KB3020388-x64.msu
Windows6.1-KB3020393-x64.msu
Windows6.1-KB3021674-x64.msu
Windows6.1-KB3022777-x64.msu
Windows6.1-KB3023562-x64.msu
Windows6.1-KB3029944-x64.msu
Windows6.1-KB3030377-x64.msu
Windows6.1-KB3031432-x64.msu
Windows6.1-KB3032323-x64.msu
Windows6.1-KB3032359-x64.msu
Windows6.1-KB3033889-x64.msu
Windows6.1-KB3034344-x64.msu
Windows6.1-KB3035017-x64.msu
Windows6.1-KB3035126-x64.msu
Windows6.1-KB3035131-x64.msu
Windows6.1-KB3035132-x64.msu
Windows6.1-KB3036493-x64.msu
Windows6.1-KB3039066-x64.msu
Windows6.1-KB3046049-x64.msu

(wasn't sure if I should post this thread to the win-7 forum or here, since I think a lot of the same people would be interested in this no matter where it's posted)

 

[Nomen]

I've uploaded maybe 6 or 7 of these .msu files to VT and all but one of them tested positive for W32.Virus.Jeefo.Gen as detected by "Webroot" AV program.  All other AV programs detected nothing.
 

[Tripredacus]

None of the MSU/KB files have the hash value in the file name? I wonder if you could find other versions of the MSU file to compare the contents against. Also you should also have VT test those other ones as well, even known "good" one from the update catalog. It may just be a quirk of detection, like how some AV programs will detect anything packed with UPX as being a virus.

[Nomen]

Over the past day or two I've downloaded all these same .MSU files from MS and they do compare (byte-for-byte) with the files in the wikileaks vault-7 archive.   I don't know if there's a master document that's part of this archive that explains the layout of the archive, what certain files are, their relevance or meaning, etc.   The significance of why those particular MSU files are there remains unknown.