suspicious folder in edge userdata
A Reddit user reported discovering a suspicious folder named 'Edge Data Protection Lists' within the Microsoft Edge user data directory. The folder contains files such as smart_switch_list.json, llm_user_input_extractor_config.json, manifest.json, and office_endpoints_list.json. The user questioned the safety of these files while investigating Edge's cookie storage. No further technical details or vendor advisories are available.
AI Analysis
Technical Summary
This report concerns a user-discovered folder within the Microsoft Edge browser's user data directory containing several JSON configuration files. The folder, named 'Edge Data Protection Lists' with a versioned subfolder, appears to be part of Edge's internal data. There is no indication from the provided data that this folder or its contents represent a security vulnerability or threat. No known exploits or malicious activity have been reported in association with this folder. The source is a Reddit post linking to file contents for community review, but no authoritative confirmation or vendor advisory is available.
Potential Impact
There is no confirmed security impact based on the available information. The presence of these files alone does not indicate compromise or vulnerability. No known exploits or malicious behavior have been reported. The files may be part of legitimate Edge functionality related to data protection or configuration.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no vendor advisory or official statement is available, no specific mitigation can be recommended. Users should monitor official Microsoft Edge security advisories for updates. No immediate action is required based on the current information.
suspicious folder in edge userdata
Description
A Reddit user reported discovering a suspicious folder named 'Edge Data Protection Lists' within the Microsoft Edge user data directory. The folder contains files such as smart_switch_list.json, llm_user_input_extractor_config.json, manifest.json, and office_endpoints_list.json. The user questioned the safety of these files while investigating Edge's cookie storage. No further technical details or vendor advisories are available.
Reddit Discussion
while trying to find the google.com cookie edge hides details of in cookies and site data , i got side tracked while checking userdata of edge, while browsing i found this folder C:\Users\xxxxx\AppData\Local\Microsoft\Edge\User Data\Edge Data Protection Lists , inside is a another folder with a version name "2026.6.5.1" at date, files inside is what made me make this post :
- smart_switch_list.json
- llm_user_input_extractor_config.json
- manifest.json
- office_endpoints_list.json
TLDR is this safe?
pastebin link of files contents
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This report concerns a user-discovered folder within the Microsoft Edge browser's user data directory containing several JSON configuration files. The folder, named 'Edge Data Protection Lists' with a versioned subfolder, appears to be part of Edge's internal data. There is no indication from the provided data that this folder or its contents represent a security vulnerability or threat. No known exploits or malicious activity have been reported in association with this folder. The source is a Reddit post linking to file contents for community review, but no authoritative confirmation or vendor advisory is available.
Potential Impact
There is no confirmed security impact based on the available information. The presence of these files alone does not indicate compromise or vulnerability. No known exploits or malicious behavior have been reported. The files may be part of legitimate Edge functionality related to data protection or configuration.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no vendor advisory or official statement is available, no specific mitigation can be recommended. Users should monitor official Microsoft Edge security advisories for updates. No immediate action is required based on the current information.
Technical Details
- Source Type
- Subreddit
- cybersecurity
- Reddit Score
- 0
- Discussion Level
- minimal
- Content Source
- reddit_link_post
- Post Type
- link
- Domain
- null
- Newsworthiness Assessment
- {"score":27,"reasons":["external_link","established_author","very_recent"],"isNewsworthy":true,"foundNewsworthy":[],"foundNonNewsworthy":[]}
- Has External Source
- true
- Trusted Domain
- false
Threat ID: 6a35de31daaa79a87d80165c
Added to database: 6/20/2026, 12:26:25 AM
Last enriched: 6/20/2026, 12:26:31 AM
Last updated: 6/20/2026, 1:43:33 AM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.