Windows 11 users have grown accustomed to mysterious storage consumption. Updates balloon. Temporary files linger. Yet few expected a single system file to devour up to 500GB without warning. The culprit? CapabilityAccessManager.db-wal. Tucked in a protected folder, it ballooned on some machines for months. Microsoft stayed quiet until recently. Then it shipped a fix. The episode exposes deeper tensions in how the OS handles logging, permissions and disk management.
The file lives at C:\ProgramData\Microsoft\Windows\CapabilityAccessManager\. It serves as the write-ahead log for a SQLite database tracking app access to sensitive features. Camera. Microphone. Location. Screen capture. Capability Access Manager records these requests so users can review permissions later. In normal operation the WAL file grows modestly then merges back into the main database. On affected systems that process broke. The log kept appending. It never compacted. Storage vanished. Slowly at first. Then dramatically.
One File, Many Victims
Reports surfaced earlier this year. They accelerated in recent months. A Feedback Hub post described 200GB consumed by the file alone. On Reddit’s r/techsupport one user watched TreeSize report 513GB for the same WAL entry. Pagefile and hibernation files accounted for just 29GB total. Others cited 70GB, 110GB or 200GB. The Verge noted cases from 12GB all the way to 500GB. (The Verge)
Windows Latest tested the behavior directly. On healthy machines the entire CapabilityAccessManager folder stayed under 4MB with the .db-wal file around 1.6MB. On impacted PCs it ballooned into the tens or hundreds of gigabytes. The publication traced the trigger to a Windows 11 update from February or March 2026. Not every user suffered. Those running certain apps or privacy-intensive workloads saw faster growth. Repeated logging of location requests or permission checks appeared to fuel the loop. (Windows Latest)
TechRadar described the experience as eerie. Drives filled for no obvious reason. The file refused to shrink on its own. Some users resorted to Safe Mode or Windows Recovery Environment to rename the oversized log so Windows could generate a fresh one. Deleting it outright carried risks. The system would recreate the file but the underlying bug persisted until patched. (TechRadar)
Microsoft’s response came late but precisely. On June 23 it released an optional preview update labeled KB5095093 for Windows 11 versions 24H2 and 25H2. Release notes initially omitted the storage problem. Then on June 29 the entry changed. “[Storage] This update improves disk space usage for the CapabilityAccessManager.db-wal file.” The same fix will arrive for all users on July 14 Patch Tuesday. The company has not published a full postmortem. It never listed the bug on the Windows 11 known issues dashboard. That silence frustrated administrators tracking down phantom storage hogs hidden under “System & reserved.”
Checking for the problem requires care. The folder blocks standard File Explorer access. Settings > System > Storage > Show more categories > System & reserved reveals “System files” usage. When that number climbs into dozens or hundreds of gigabytes the file often sits at the root. Windows Latest recommends an elevated Command Prompt command using robocopy in list-only mode to inspect size without altering permissions. WizTree, TreeSize or WinDirStat run as administrator also surface it quickly once sorted by size. But most users never think to look. They simply notice low disk warnings and assume the OS itself demands ever more room.
The bug highlights broader patterns. Windows maintains extensive logging for privacy compliance. Those logs must remain accurate yet compact. SQLite WAL files exist precisely to allow safe writes without corrupting the main database during crashes. When the checkpoint and merge steps fail the log grows unchecked. Similar issues have appeared before with Windows Update caches, WinSxS bloat or System Restore points. Each time Microsoft adds cleanup routines. Each time some users still encounter edge cases.
Enterprise environments face amplified pain. A 256GB SSD common on laptops fills fast when 100GB disappears into one log. Virtual machines, thin clients and older hardware suffer most. Developers testing permission-heavy apps see the growth accelerate. One theory points to a regression in how the OS batches privacy events after a 2026 update. Microsoft has offered no confirmation.
So what now? Install the optional update if storage pressure already bites. Head to Settings > Windows Update > Advanced options > Optional updates and select KB5095093. Systems with space to spare can wait for the July 14 rollout. Those completely full may need Recovery Environment intervention first: rename the massive .db-wal file then apply the patch. After the fix the database should resume normal compaction. Future growth stays minimal.
Yet the incident leaves questions. Why did detection take so long? Storage settings surface aggregate numbers but hide the specific offender. No built-in alert flags runaway system logs. Feedback Hub reports gathered for months before action. Microsoft now improves the file’s space usage. Insiders hope the change prevents recurrence across future feature updates.
Users have grown wary of hidden consumption. They run cleanup tools more often. They monitor Storage Sense. Some disable features tied to constant permission tracking. The CapabilityAccessManager saga won’t change core OS design. It does remind IT teams that even mature platforms carry obscure failure modes. One database log. Hundreds of gigabytes. And a quiet patch that finally closes the leak.
Recent coverage confirms the fix rolls out broadly this month. Windows Latest reported on July 6 that the July Patch Tuesday will include the improvement automatically for everyone. No new reports of fresh growth have surfaced post-update in early testing. The story may fade. The lesson remains. Sometimes the biggest storage hog hides in plain sight inside a folder few ever open.


WebProNews is an iEntry Publication