A quiet storage leak that transformed a tiny Windows privacy database into a multi-gigabyte monster has been neutralized. Microsoft shipped the fix inside the June 23, 2026 optional preview update KB5095093, officially acknowledging that the CapabilityAccessManager.db-wal file could balloon from a few kilobytes to tens of gigabytes without warning. The bug, which flew under the radar for months, silently consumed scarce SSD space on laptops and desktops, leaving users bewildered when their drives abruptly filled up.

The root cause was an ordinary database maintenance file that never got cleaned. CapabilityAccessManager.db-wal is a write-ahead log (WAL) associated with the SQLite database Windows 11 uses to track app permissions—think microphone, camera, and location access. Under normal conditions, the WAL file should checkpoint regularly, merging its contents back into the main database and resetting its size. But a logic error in the cleanup routine prevented that from happening. Over time, every consent request, every privacy toggle, and every background app activity tacked more data onto the WAL, and nothing reaped it.

Users on Reddit, Microsoft Answers, and enthusiast forums began connecting the dots in early 2026. They noticed their system drives—often 256 GB or 512 GB NVMe SSDs—were mysteriously low on space. Disk cleaners like Storage Sense and third-party tools failed to identify the culprit because the bloated file sat inside a protected system folder. IT administrators who ran Windows 11 on small-footprint virtual desktops were hit hardest; a sudden spike to 30 GB could cripple a VM in hours.

The Anatomy of the Bug

Microsoft describes CapabilityAccessManager as the service that “routes consent checks and manages the consent store for capabilities.” Its database lives in C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\CapabilityAccessManager. The main file is CapabilityAccessManager.db, a SQLite database. Beside it sits the WAL file, CapabilityAccessManager.db-wal. In a healthy system, the WAL acts as a temporary scratchpad: SQLite writes changes there first, then periodically transfers them to the main database during a checkpoint. The WAL should rarely exceed a few megabytes, even on busy machines.

In builds affected by the bug—principally Windows 11 24H2 and earlier revisions updated throughout 2025—the checkpoint mechanism stalled. Every app permission event, network capability consent, and background task authorization wrote an entry to the WAL. Without a checkpoint, the file grew linearly with system uptime. A machine that stayed powered on for weeks could accumulate 10 GB, 20 GB, or more in a single file completely invisible to Disk Cleanup.

Microsoft’s documentation for KB5095093 confirms: “This update addresses an issue where the CapabilityAccessManager.db-wal file grows excessively on the system drive, which can lead to disk space pressure.” The fix forces a checkpoint after a predefined threshold or on service restart, ensuring the WAL file size remains bounded.

User Impact: Wasted Gigabytes and Frustration

The practical impact was severe. Solid-state drives lose performance when they are over 70-80% full, and write amplification can shorten their lifespan. For users on cheap laptops with 128 GB eMMC storage, even a 5 GB WAL file could make Windows unusable. Background tasks like Windows Update would fail with cryptic “not enough disk space” errors, while the Settings app showed Storage Sense as having freed nothing because it didn’t scan the CapabilityAccessManager directory.

Power users resorted to manual cleanup. On forum threads, users shared a powershell snippet to delete the WAL file—only to see it regenerate immediately and resume growing. The only reliable workaround was to stop the CapabilityAccessManager service, delete the WAL, and restart the service. But doing so also cleared the consent store, forcing apps to re-prompt for microphone or camera access, creating a repetitive nuisance.

“I was losing 2 GB a day on a 256 GB SSD and had no idea why,” one IT admin wrote on the Windows Forum. “Tools like WinDirStat showed a huge file in CapabilityAccessManager, but Windows wouldn’t let me touch it. I had to reboot into safe mode every weekend just to reclaim space.”

Microsoft’s Response: KB5095093

The June 23, 2026 optional preview update KB5095093 delivers the long-awaited fix. It is categorized as a non-security, cumulative quality update for Windows 11 24H2 (and presumably backported to 23H2 based on Microsoft’s servicing model, though the official notes focus on 24H2). The update also bundles other quality improvements, but the CapabilityAccessManager fix is its headline feature.

Microsoft’s release notes are terse: “This update addresses a known issue that causes the CapabilityAccessManager.db-wal file to grow large. After installing this update, the system will automatically compress the file and prevent future excessive growth.” Early reports from users who installed the preview suggest the fix works immediately post-reboot: the system detects an oversized WAL, performs emergency checkpointing, and shrinks the file to a few hundred kilobytes. One tester noted that a 28 GB WAL file was reduced to 340 KB within minutes of applying KB5095093.

The update does not touch the main consent database, so no app permissions are lost. Microsoft also added a scheduled task that periodically triggers a checkpoint if the service remains idle, adding a belt-and-suspenders safety net.

Technical Underpinnings of the Fix

While Microsoft did not publish a detailed code analysis, the behavior change points to two specific adjustments. First, the CapabilityAccessManager service now calls sqlite3_wal_checkpoint_v2 with the SQLITE_CHECKPOINT_TRUNCATE flag every time the service processes a batch of consent changes, or when the WAL file exceeds 16 MB. This truncated mode not only merges the WAL but also resets the WAL file size to zero, the same result as a full checkpoint. Second, the service monitors the WAL file size via a file system watcher and triggers an emergency cleanup if it detects anomalous growth—perhaps the result of a still-undefined edge case that originally broke the checkpoint loop.

SQLite experts note that such bugs often stem from missing calls after an error path. If the checkpoint function fails due to a transient lock, the service might have been designed to skip it silently and never retry. The code might also have used the passive checkpoint mode (SQLITE_CHECKPOINT_PASSIVE), which does as much work as it can without blocking writes but never truncates the WAL. Over weeks of heavy consent activity, that passive mode could fall so far behind that the WAL grew without bound. The fix likely switches to a full or truncated checkpoint, which briefly blocks writes but guarantees a bounded log.

Broader Implications for Windows Maintenance

The CapabilityAccessManager bug is not an isolated incident. Windows 11’s privacy consent system is part of a larger trend where internal databases (Settings apps, indexing, telemetry) use SQLite or equivalent store-and-forward mechanisms. If a similar checkpoint failure affected the Windows Search indexer or the Notification Platform database, the result could be even more disruptive.

Microsoft’s own guidance for enterprise deployment says that “CapabilityAccessManager is a core system component and should not be disabled.” That made the bloat particularly insidious because users could not simply turn off the service without breaking essential privacy prompts. The fix restores confidence in the consent infrastructure, but it also highlights how larger default OS footprints require more vigilant internal housekeeping.

For IT admins, the episode is a reminder to monitor unusual file growth under system profiles. Many endpoint monitoring tools do not scan C:\Windows\System32\config\systemprofile by default. Adding that path to disk-usage alerts could catch similar issues before they cause outages. Microsoft’s Azure monitoring suite and third-party RMM tools should incorporate this as a standard check.

How to Apply the Fix

KB5095093 is currently available as an optional preview. To install it, open Windows Update, select “Check for updates,” and look for “2026-06 Cumulative Update Preview for Windows 11 Version 24H2 for x64-based Systems (KB5095093).” Because it is optional, you must manually click “Download and install.” Microsoft typically rolls the fixes from the preview into the next month’s mandatory Patch Tuesday update, so those who prefer to wait will get it automatically in July 2026.

For machines already suffering from extreme bloat, applying the update alone is enough; the first boot will shrink the WAL. However, if a user has deleted the WAL manually before installing, the update will prevent regrowth. No additional action is required.

Users on systems with very limited free space—less than 10 GB—may need to temporarily free up space to install the update itself, as Windows Update needs headroom to stage the package. In that case, running Disk Cleanup as administrator and deleting Windows Update Cleanup files can provide enough breathing room.

Community Reaction

Reaction to the fix has been overwhelmingly positive, though seasoned Windows watchers expressed frustration that the bug took months to acknowledge. “Microsoft’s own telemetry should have caught a 30 GB WAL file long before users did,” one power user wrote. Indeed, if Microsoft’s telemetry collects file-size data for critical system files, the anomalous growth should have triggered an alert. The fact that it didn’t suggests either a gap in telemetry collection or a broken feedback loop between engineering and the servicing team.

Nevertheless, the rapid availability of a fix—first in the Release Preview Channel and then quickly as an optional cumulative update—shows improvement in Microsoft’s responsiveness since the early Windows 11 days. The company also updated its known issues page for Windows 11 24H2 to document the bug, a transparency step that was often skipped in the past.

Conclusion

The CapabilityAccessManager WAL bloat bug was a quiet disk-space thief that likely affected millions of Windows 11 devices. With KB5095093, Microsoft has slammed the door on a wasteful design flaw that turned a privacy convenience into a storage nightmare. The fix is surgical, safe, and requires no user intervention beyond installing the update. For Windows 11 users nursing mysteriously full drives, this optional patch could be the most satisfying download of the month.

Going forward, Microsoft’s engineering team will likely review other internal database systems for similar checkpoint failures. As Windows continues to evolve into a more database-driven OS, the robustness of these invisible housekeeping routines will become just as critical as the kernel itself. For now, CapabilityAccessManager.db-wal can finally stop being the elephant in the system.