Microsoft has quietly shipped a fix for a disk space-eating bug in Windows 11 that could cause the CapabilityAccessManager database log file to bloat without limit. The patch, delivered in cumulative update KB5095093, targets a flaw where the CapabilityAccessManager.db-wal file under C:\ProgramData\Microsoft\Windows\CapabilityAccessManager would grow continuously, in some cases consuming tens of gigabytes of storage. Users who noticed mysterious drive space vanishing can finally reclaim those lost bytes.

The Culprit: A Runaway Database Log

Windows 11’s CapabilityAccessManager service controls which apps can access sensitive hardware like your webcam, microphone, and location. It maintains a database of permissions in the folder C:\ProgramData\Microsoft\Windows\CapabilityAccessManager. That database uses a Write-Ahead Log (WAL) file—the ".db-wal" file—to record changes before they’re committed to the main database.

Under normal operation, the db-wal file should periodically be checkpointed, meaning its contents get merged into the main database and the file shrinks back to a small size. A bug, now acknowledged by Microsoft, prevented that checkpointing from happening correctly. The result? The db-wal file kept growing indefinitely, gobbling up disk space with no warning in the Settings app or Disk Cleanup. Reports on forums and social media detailed files ballooning to 30 GB, 50 GB, and beyond—enough to cripple small SSDs or trigger low-disk-space alerts on larger drives.

The specific update that fixes this is KB5095093, a cumulative update for Windows 11. While Microsoft’s official release notes for the patch don’t mention this fix explicitly—as is typical with behind-the-scenes reliability improvements—internal testing and user verification have confirmed that after installing KB5095093, the WAL file stops growing, and the system can finally reclaim the space through normal database maintenance. Some users report the file immediately shrinks after the update; others may need to manually compact the database or simply wait for the automatic process to kick in.

What This Means for You, by User Type

Home users: If you’ve noticed your C: drive filling up faster than expected and you’ve already cleared temporary files, old downloads, and large games, the culprit might be this hidden database file. This is especially likely if you have many apps that request camera or microphone access—video conferencing tools, streaming software, voice chat apps—since each permission check can generate database activity. Until you install KB5095093, the problem will persist.

Power users and gamers: You’re likely to notice this faster. Tools like WinDirStat, TreeSize, or WizTree will flag a massive file under the CapabilityAccessManager folder. Before the fix, deleting the file manually wasn’t a permanent solution—the database would just recreate it and start bloating again. Now, after patching, any cleanup you do should stick. If you’ve already deleted the file in desperation, the update ensures it won’t bloat again.

IT administrators: This is a sleeping giant in enterprise environments. Workstations with many users, frequent permission prompts, or long uptimes could see the WAL file swell on dozens or hundreds of machines, degrading performance and triggering helpdesk calls. The fix in KB5095093 should be deployed as part of your regular Patch Tuesday cycle. Check your fleet for machines with unusually full system drives and inspect that specific folder. If you use disk-space monitoring tools, consider adding a check for files over 1 GB in that path to catch any stragglers that haven’t yet received the update.

Developers: If your application interacts with Windows capability permissions—requesting camera access, for instance—be aware that your testing machines might be suffering from this leak. It’s not your app’s fault, but it could skew performance testing or cause disk-full errors. Ensure your development environment is up to date.

How We Got Here: The CapabilityAccessManager and Its Growing Pains

The CapabilityAccessManager service debuted with Windows 10 as part of Microsoft’s push to give users more control over privacy. It’s the backend that enables those notification-area prompts like “Camera access is now on” and the per-app toggles in Settings > Privacy & security. Under the hood, it maintains an SQLite database to track which apps were allowed or denied access to capabilities like microphone, camera, location, and even Bluetooth.

SQLite databases use a WAL file as a performance optimization: instead of writing directly to the main database, changes go to the WAL first, then periodically merge. This bug appears to be a failure in the checkpointing logic—the database engine never fully committing the WAL, so the file grew without bound. It’s the digital equivalent of a paper inbox that only ever gets new memos added, never filed away.

This isn’t the first time a Windows system database has been caught gobbling disk space. Over the years, the Windows.edb search index, the SoftwareDistribution folder, and the CBS logs have all been known to bloat under certain conditions. But this bug was particularly insidious because the CapabilityAccessManager folder is buried deep in ProgramData, far from where users typically hunt for space hogs. Only the growing free-space alarm—or a third-party disk analyzer—would reveal the culprit.

The fix’s introduction in KB5095093 aligns with a period where Microsoft has been accelerating quality-of-life improvements for Windows 11. The update also includes other unspecified reliability fixes. Because the bug affected the database maintenance routine itself, the patch likely adjusts how often the WAL is checkpointed or ensures that checkpoints actually succeed. Microsoft generally does not elaborate on low-level database fixes in public release notes, so users must rely on community reports and their own verification to confirm the fix.

What to Do Now: Actionable Steps

  1. Install KB5095093 immediately. This update addresses the root cause. Go to Settings > Windows Update and check for updates. If you manage updates through WSUS or another tool, push KB5095093 to all Windows 11 machines. The update requires a restart.

  2. Verify the fix after installation. Navigate to C:\ProgramData\Microsoft\Windows\CapabilityAccessManager. (If you don’t see ProgramData, enable “Show hidden files” in File Explorer.) Look for CapabilityAccessManager.db-wal. After the update, the file should either have shrunk dramatically or will shrink over the next few minutes as the database performs housekeeping. If it’s still large, you can trigger a manual checkpoint using tools like DB Browser for SQLite, but most users won’t need to.

  3. If the file is already enormous, you can delete it—carefully. Before the patch, deletion was a temporary fix because the bug would recreate and rebloat the file. With the patch in place, the file will no longer bloat. To delete safely: stop the CapabilityAccessManager service from Services.msc, delete the db-wal file, then restart the service. But this is optional; the database will eventually shrink the file on its own after the update. Only do this if you’re critically low on space. Do not delete the main .db file, just the -wal file.

  4. Run Disk Cleanup or Storage Sense afterward. After the update, free disk space may be automatically reclaimed by normal system maintenance. You can speed up the process by running Disk Cleanup as administrator and scanning for system files.

  5. Monitor going forward. For peace of mind, keep an eye on the CapabilityAccessManager folder for a few days. The db-wal file may fluctuate slightly in normal use, but it should now remain in the range of a few megabytes, not gigabytes.

A Broader Lesson in Windows Housekeeping

This incident is a reminder that even core Windows components can develop silent resource leaks that go unnoticed for months. The CapabilityAccessManager bug likely existed for multiple Windows 11 releases before Microsoft patched it. Because the service is always running and the database is written to constantly, the bloat accelerates over time. Users who rarely restart their PCs—keeping them in sleep or hibernate—were especially vulnerable, as the database never had a chance to checkpoint during a cold boot.

For Microsoft, this highlights the need for better built-in storage-health monitoring. Windows already warns about low disk space, but it doesn’t proactively identify what’s eating the space. A “storage insights” feature that flags abnormally large system files could have surfaced this bug much sooner. Until then, third-party tools remain essential.

Outlook: What to Watch Next

KB5095093 is a cumulative update that’s part of the standard servicing stack, so it will be included in all subsequent Windows 11 builds. If you’re on an Insider build, the fix likely arrived there first. The real test will come in the months ahead as patched systems are observed in the wild. If Microsoft’s fix is complete, we should see the end of desperate forum threads about mystery disk consumption. If the db-wal file shows any resurgence, it will signal a deeper architectural issue with how CapabilityAccessManager handles its database—and that would demand a more thorough overhaul.

For now, Windows 11 users can breathe a sigh of relief and reclaim those lost gigabytes. The tiny db-wal file that grew into a monster has finally been tamed.