diff --git a/features/core.feature b/features/core.feature
index a8998aecd0..9be8d2686d 100644
--- a/features/core.feature
+++ b/features/core.feature
@@ -299,6 +299,34 @@ Feature: Manage WordPress installation
       Error: WordPress install doesn't verify against checksums.
       """
 
+  Scenario: Core update from cache
+    Given a WP install
+    And an empty cache
+
+    When I run `wp core update --version=3.8.1 --force`
+    Then STDOUT should not contain:
+      """
+      Using cached file
+      """
+    And STDOUT should contain:
+      """
+      Downloading
+      """
+
+    When I run `wp core update --version=3.9 --force`
+    Then STDOUT should not be empty
+
+    When I run `wp core update --version=3.8.1 --force`
+    Then STDOUT should contain:
+      """
+      Using cached file '{SUITE_CACHE_DIR}/core/en_US-3.8.1.tar.gz'...
+      """
+    And STDOUT should not contain:
+      """
+      Downloading
+      """
+
+
   Scenario: User defined in wp-cli.yml
     Given an empty directory
     And WP files
diff --git a/php/WP_CLI/CoreUpgrader.php b/php/WP_CLI/CoreUpgrader.php
new file mode 100644
index 0000000000..d3d3692e44
--- /dev/null
+++ b/php/WP_CLI/CoreUpgrader.php
@@ -0,0 +1,67 @@
+<?php
+
+namespace WP_CLI;
+
+use WP_CLI;
+
+/**
+ * A Core Upgrader class that caches the download, and uses cached if available
+ *
+ * @package wp-cli
+ */
+class CoreUpgrader extends \Core_Upgrader {
+
+	function download_package( $package ) {
+
+		/**
+		 * Filter whether to return the package.
+		 *
+		 * @since 3.7.0
+		 *
+		 * @param bool    $reply   Whether to bail without returning the package. Default is false.
+		 * @param string  $package The package file name.
+		 * @param object  $this    The WP_Upgrader instance.
+		 */
+		$reply = apply_filters( 'upgrader_pre_download', false, $package, $this );
+		if ( false !== $reply )
+			return $reply;
+
+		if ( ! preg_match('!^(http|https|ftp)://!i', $package) && file_exists($package) ) //Local file or remote?
+			return $package; //must be a local file..
+
+		if ( empty( $package ) )
+			return new WP_Error( 'no_package', $this->strings['no_package'] );
+
+		$temp = sys_get_temp_dir() . '/' . uniqid('wp_') . '.tar.gz';
+
+		$cache = WP_CLI::get_cache();
+		$update = $GLOBALS['wp_cli_update_obj'];
+		$cache_key = "core/{$update->locale}-{$update->version}.tar.gz";
+		$cache_file = $cache->has( $cache_key );
+
+		if ( $cache_file ) {
+			WP_CLI::log( "Using cached file '$cache_file'..." );
+			copy( $cache_file, $temp );
+			return $temp;
+		} else {
+			// We need to use a temporary file because piping from cURL to tar is flaky
+			// on MinGW (and probably in other environments too).
+			$temp = sys_get_temp_dir() . '/' . uniqid('wp_') . '.tar.gz';
+
+			$headers = array('Accept' => 'application/json');
+			$options = array(
+				'timeout' => 600,  // 10 minutes ought to be enough for everybody
+				'filename' => $temp
+			);
+
+			$this->skin->feedback( 'downloading_package', $package );
+
+			Utils\http_request( 'GET', $package, null, $headers, $options );
+			$cache->import( $cache_key, $temp );
+			return $temp;
+		}
+
+	}
+
+}
+
diff --git a/php/WP_CLI/NonDestructiveCoreUpgrader.php b/php/WP_CLI/NonDestructiveCoreUpgrader.php
index 41ba059493..ebad21cbd2 100644
--- a/php/WP_CLI/NonDestructiveCoreUpgrader.php
+++ b/php/WP_CLI/NonDestructiveCoreUpgrader.php
@@ -7,7 +7,7 @@
  *
  * @package wp-cli
  */
-class NonDestructiveCoreUpgrader extends \Core_Upgrader {
+class NonDestructiveCoreUpgrader extends CoreUpgrader {
 	function unpack_package($package, $delete_package = false) {
 		return parent::unpack_package( $package, $delete_package );
 	}
diff --git a/php/commands/core.php b/php/commands/core.php
index c9c084a4ee..9466a3e6fe 100644
--- a/php/commands/core.php
+++ b/php/commands/core.php
@@ -75,7 +75,7 @@ public function download( $args, $assoc_args ) {
 				'filename' => $temp
 			);
 
-			self::_request( 'GET', $download_url, $headers, $options );
+			Utils\http_request( 'GET', $download_url, null, $headers, $options );
 			self::_extract( $temp, ABSPATH );
 			$cache->import( $cache_key, $temp );
 			unlink($temp);
@@ -134,44 +134,9 @@ private static function _rmdir( $dir ) {
 		rmdir( $dir );
 	}
 
-	private static function _request( $method, $url, $headers = array(), $options = array() ) {
-		$pem_copied = false;
-
-		// cURL can't read Phar archives
-		if ( 0 === strpos( WP_CLI_ROOT, 'phar://' ) ) {
-			$options['verify'] = sys_get_temp_dir() . '/wp-cli-cacert.pem';
-
-			copy(
-				WP_CLI_ROOT . '/vendor/rmccue/requests/library/Requests/Transport/cacert.pem',
-				$options['verify']
-			);
-			$pem_copied = true;
-		}
-
-		try {
-			$request = Requests::get( $url, $headers, $options );
-			if ( $pem_copied ) {
-				unlink( $options['verify'] );
-			}
-			return $request;
-		} catch( Requests_Exception $ex ) {
-			// Handle SSL certificate issues gracefully
-			WP_CLI::warning( $ex->getMessage() );
-			if ( $pem_copied ) {
-				unlink( $options['verify'] );
-			}
-			$options['verify'] = false;
-			try {
-				return Requests::get( $url, $headers, $options );
-			} catch( Requests_Exception $ex ) {
-				WP_CLI::error( $ex->getMessage() );
-			}
-		}
-	}
-
 	private static function _read( $url ) {
 		$headers = array('Accept' => 'application/json');
-		return self::_request( 'GET', $url, $headers )->body;
+		return Utils\http_request( 'GET', $url, null, $headers )->body;
 	}
 
 	private function get_download_offer( $locale ) {
@@ -694,11 +659,11 @@ private static function get_core_checksums( $version, $locale ) {
 		$headers = array(
 			'Accept' => 'application/json'
 		);
-		$response = self::_request( 'GET', $url, $headers, $options );
+		$response = Utils\http_request( 'GET', $url, null, $headers, $options );
 
 		if ( $ssl && ! $response->success ) {
 			WP_CLI::warning( 'wp-cli could not establish a secure connection to WordPress.org. Please contact your server administrator.' );
-			$response = self::_request( 'GET', $http_url, $headers, $options );
+			$response = Utils\http_request( 'GET', $http_url, null, $headers, $options );
 		}
 
 		if ( ! $response->success || 200 != $response->status_code )
@@ -785,7 +750,7 @@ function update( $args, $assoc_args ) {
 		global $wp_version;
 
 		$update = $from_api = null;
-		$upgrader = 'Core_Upgrader';
+		$upgrader = 'WP_CLI\\CoreUpgrader';
 
 		if ( ! empty( $args[0] ) ) {
 
@@ -825,8 +790,6 @@ function update( $args, $assoc_args ) {
 
 			$new_package = $this->get_download_url($version, $locale);
 
-			WP_CLI::log( sprintf( 'Downloading WordPress %s (%s)...', $assoc_args['version'], $locale ) );
-
 			$update = (object) array(
 				'response' => 'upgrade',
 				'current' => $assoc_args['version'],
@@ -854,7 +817,9 @@ function update( $args, $assoc_args ) {
 			WP_CLI::log( "Starting update..." );
 		}
 
+		$GLOBALS['wp_cli_update_obj'] = $update;
 		$result = Utils\get_upgrader( $upgrader )->upgrade( $update );
+		unset( $GLOBALS['wp_cli_update_obj'] );
 
 		if ( is_wp_error($result) ) {
 			$msg = WP_CLI::error_to_string( $result );
diff --git a/php/utils.php b/php/utils.php
index e033be5bb1..fbee550acb 100644
--- a/php/utils.php
+++ b/php/utils.php
@@ -401,3 +401,47 @@ function replace_path_consts( $source, $path ) {
 
 	return str_replace( $old, $new, $source );
 }
+
+/**
+ * Make a HTTP request to a remote URL
+ *
+ * @param string $method
+ * @param string $url
+ * @param array $headers
+ * @param array $options
+ * @return object
+ */
+function http_request( $method, $url, $data = null, $headers = array(), $options = array() ) {
+	$pem_copied = false;
+
+	// cURL can't read Phar archives
+	if ( 0 === strpos( WP_CLI_ROOT, 'phar://' ) ) {
+		$options['verify'] = sys_get_temp_dir() . '/wp-cli-cacert.pem';
+
+		copy(
+			WP_CLI_ROOT . '/vendor/rmccue/requests/library/Requests/Transport/cacert.pem',
+			$options['verify']
+		);
+		$pem_copied = true;
+	}
+
+	try {
+		$request = \Requests::request( $url, $headers, $data, $method, $options );
+		if ( $pem_copied ) {
+			unlink( $options['verify'] );
+		}
+		return $request;
+	} catch( \Requests_Exception $ex ) {
+		// Handle SSL certificate issues gracefully
+		\WP_CLI::warning( $ex->getMessage() );
+		if ( $pem_copied ) {
+			unlink( $options['verify'] );
+		}
+		$options['verify'] = false;
+		try {
+			return \Requests::request( $url, $headers, $data, $method, $options );
+		} catch( \Requests_Exception $ex ) {
+			\WP_CLI::error( $ex->getMessage() );
+		}
+	}
+}