A Windows 11 update released earlier this year introduced a bug that can silently consume up to 500GB of storage through a single permission-log file, and Microsoft only confirmed the issue weeks ago in buried patch notes. The CapabilityAccessManager.db-wal file is a write-ahead log for the Capability Access Manager, the component that tracks app permissions for the camera, microphone, location, and screen capture. On a healthy system, this file stays around 1.6MB to 4MB.
On affected machines, it has ballooned to 70GB, 200GB, and in one case verified through TreeSize, approximately 513GB. The bug stems from the WAL file failing to merge or compact back into the main SQLite database. Instead, it keeps growing as the OS logs repeated access requests.
Windows Latest traced the root cause to a Windows 11 update released in February or March 2026, with the first user reports surfacing about a year ago.
Microsoft never publicly listed the issue on its known issues dashboard. The company's only acknowledgment came on June 29, when it updated the release notes for update KB5095093 with a single line: "[Storage] This update improves disk space usage for the CapabilityAccessManager.db-wal file."
That fix was initially shipped as a June 2026 optional update. It rolls out to all users automatically today through the July 14 Patch Tuesday cumulative update, targeting Windows 11 versions 24H2 and 25H2.
Users who haven't installed the fix may not even know they're affected. Windows Settings groups the bloated file under "System files" in the System & Reserved category without identifying the culprit. The folder itself is protected, so File Explorer returns "Access denied" when users try to open it directly.
To check. Users can run a read-only robocopy command in an elevated Command Prompt: robocopy "C:\ProgramData\Microsoft\Windows\CapabilityAccessManager" "%TEMP%\CAMCheck" /L /B /R:0 /W:0 /BYTES /NP If the CapabilityAccessManager.db-wal file shows several gigabytes, the bug is active. Third-party tools like TreeSize, WizTree, or WinDirStat can also identify the file when run as administrator.
The impact is worst on systems with 512GB or 1TB SSDs, where a 200GB log file can cripple available space. Users with full drives who cannot run Windows Update can rename the oversized file from Safe Mode or Windows Recovery Environment, letting the OS regenerate a fresh WAL file.
Microsoft has not explained why the bug occurred or why some systems are more affected than others depending on which apps are in use.













