Microsoft admits a Windows 11 bug is eating up to 500GB of storage, verify if you are affected.
Microsoft admits a Windows 11 bug causes a system file to silently consume up to 500GB of storage. Check if your PC is affected and what Microsoft has

Microsoft has admitted that a Windows 11 bug has been silently consuming up to 500GB of storage on affected PCs — and in the worst confirmed case, a single locked system file swelled to 570GB, leaving a drive with literally zero bytes free. It took months of user complaints, Feedback Hub reports, and community-led forensic digging before Microsoft quietly acknowledged the problem in a June 2026 optional update. The culprit is a runaway SQLite write-ahead log buried deep inside a protected directory, and if you haven't checked your system recently, it may already be eating a substantial chunk of your drive.
What Exactly Is Going Wrong — and Why
The file at the center of this mess is called CapabilityAccessManager.db-wal, sitting in the protected system directory C:\ProgramData\Microsoft\Windows\CapabilityAccessManager\. Under normal conditions this file should be just a few megabytes — one healthy system examined by Windows Latest showed the entire folder under 4MB, with the WAL file itself around 1.6MB. On affected machines, that same file has grown to 66GB, 110GB, 200GB, and in at least one documented case an extraordinary 570GB.
To understand how this happens, it helps to know what the Capability Access Manager (CAM) actually does. It's the Windows 11 subsystem that tracks which applications have been granted access to privacy-sensitive hardware and data: your microphone, camera, location services, contacts, and screen capture. Every time an app requests or exercises one of those permissions, CAM logs the event. That logging relies on a standard SQLite write-ahead log (WAL) architecture — a common database pattern where changes are first written to a WAL file, then periodically merged, or "checkpointed," back into the main .db database file.
The bug, as technical contributors on the Microsoft Q&A forum have explained, is that the checkpointing process stops working correctly on affected systems. The WAL file keeps accumulating new permission-log entries — particularly from background app requests like location checks and Wi-Fi adapter queries — without ever being compacted back into the main database. The result is uncontrolled, silent growth that Windows' own built-in cleanup tools can't touch, because the file is held open by an active system service (camsvc) and can't be released or reclaimed by Storage Sense or Disk Cleanup.
The regression appears to have been introduced by a Windows 11 update in early 2026, based on when affected users first began reporting the problem in volume. It affects Windows 11 versions 24H2 (OS build 26100) and 25H2 (OS build 26200). Importantly, not every machine is impacted — the rate of WAL growth appears to correlate directly with how aggressively installed apps poll privacy-sensitive APIs in the background. Devices running many location-aware or smart-home applications are at higher risk.
Microsoft Admits Windows 11 Bug: The Scale of Real User Reports
The Microsoft Q&A thread became a gathering point for affected users long before any official acknowledgement. The documented file sizes paint an unambiguous picture of the bug's severity:
| User | db-wal File Size | Drive Capacity | Reported Impact |
|---|---|---|---|
| Donald Gibson | 66.5 GB | 221 GB | Drive nearly full; sought Microsoft Support help |
| Ed Kaz | 36 GB | 120 GB SSD (Surface Pro 7) | Significant storage loss on thin-and-light device |
| Stephen Murphy | ~200 GB | 256 GB | 0 bytes free remaining |
| Alexis Loizou | 99 GB | Unspecified | Identified via third-party disk analyzer |
| Richard Le Lohe | 110+ GB | Dell laptop | Storage capacity effectively halved |
| Jeffrey Bihl | 570 GB | Unspecified | Largest confirmed case on record |
| Matt Thomas | 276.5 GB | Unspecified | Discovered via TreeSize scan |
Source: Microsoft Q&A community thread and Windows Latest reporting, July 2026.
Users on Reddit's r/techsupport and r/pcmasterrace corroborated these numbers, with one member independently verifying roughly 513GB consumed on a single system using the TreeSize disk analysis tool. The downstream consequences are serious: Windows Update fails to install patches because there's no free space to stage them; applications refuse to install or update; backup and restore operations abort; and on smaller drives — particularly the 256GB SSDs common in budget laptops and mid-range Surface devices — systems can become entirely unresponsive. That last point makes this more than a storage annoyance: machines that can't install updates are machines quietly falling behind on security patches.
Perhaps most alarming was the initial Microsoft support response reported by Donald Gibson in the Q&A thread. When he contacted Microsoft Support, the agent had never heard of the problem, consulted a supervisor, and came back with advice to buy a portable hard drive — adding that she was "not allowed to assist" with deleting the file. That response became emblematic of how the bug was handled during the months it went publicly unacknowledged, and was widely circulated under search queries like microsoft admits windows bug reddit and microsoft admits windows 11 is bad.
How Microsoft Finally Admitted the Windows 11 Bug — and When
For months, Microsoft didn't list this as a known issue on its Windows Known Issues Dashboard, issued no advisory, and offered no explanation of the root cause. Coverage from outlets including gHacks, Windows Latest, and Neowin — which covered the story under the headline "Microsoft admits a default Windows 11 feature is quietly gobbling up massive disk space" — helped amplify user reports before any official statement appeared. The first and only formal acknowledgement came not through a support article or security bulletin, but through a single understated line in the release notes for KB5095093, an optional cumulative update released on June 23, 2026:
"[Storage] This update improves disk space usage for the CapabilityAccessManager.db-wal file."
— Microsoft KB5095093 release notes, June 23, 2026
That line applies to OS builds 26200.8737 and 26100.8737, covering Windows 11 versions 25H2 and 24H2 respectively. Microsoft has still not publicly explained why the WAL checkpointing mechanism failed, has not issued a post-incident report, and has not indicated whether Windows 11 Insider Preview builds beyond 25H2 are also affected.
KB5095093 was released as an optional preview update, meaning it doesn't install automatically. The permanent fix is expected to ship as part of the July 14, 2026 Patch Tuesday cumulative update, which will roll out automatically to standard Windows Update users. Until that mandatory rollout, every affected user must either manually install the optional update or apply a workaround.
Does This Bug Affect Windows 10?
Based on available reporting, this specific bug is confined to Windows 11 24H2 and 25H2 — the versions that use the current iteration of the Capability Access Manager's WAL-based logging. Windows 10 uses an older version of the permission-management subsystem and has not been reported as affected by this particular CapabilityAccessManager.db-wal regression. If you're searching for information about a microsoft admits windows bug windows 10 scenario, note that this is a Windows 11-specific issue with no apparent Windows 10 counterpart. Windows 10 users dealing with unexplained storage consumption should look at other common culprits — Windows Update download caches, hibernation files, or System Restore shadow copies.
How to Check If You Are Affected Right Now
Because the CapabilityAccessManager folder is protected by Windows, standard File Explorer browsing and unelevated PowerShell directory listings return "Access denied." There are two reliable methods to check without permanently altering system permissions:
Method 1: Windows Storage Settings (Quickest Check)
- Open Settings → System → Storage.
- Click Show more categories.
- Select System & Reserved, then System files.
- If the reported size is in the hundreds of gigabytes and can't be accounted for by other visible categories, your system is almost certainly affected.
Method 2: Robocopy Read-Only Scan (Confirms the Exact File)
Open an elevated Command Prompt (right-click Start → Terminal (Admin)) and run the following command. It performs a dry-run scan only — it does not copy, modify, or delete any files:
robocopy "C:\ProgramData\Microsoft\Windows\CapabilityAccessManager" "%TEMP%\CAMCheck" /L /B /R:0 /W:0 /BYTES /NP
Flag reference for clarity:
/L— List only; no files are copied or moved./B— Backup mode; allows reading of files that are normally access-restricted./R:0 /W:0— Zero retries, zero wait time; prevents the command from hanging on locked files./BYTES— Reports file sizes in bytes rather than kilobytes for precision./NP— Suppresses the per-file progress percentage to keep output readable.
Look for CapabilityAccessManager.db-wal in the output. If the file shows up as several gigabytes or larger, the bug is active on your machine. A healthy system will show this file at a few megabytes at most. Third-party tools such as WizTree, TreeSize, or WinDirStat launched with administrator privileges can also surface the file, though they need elevated access to look inside the protected directory.
Fix Options: From the Patch to the Emergency Workaround
The right course of action depends on whether your drive still has enough free space to accept updates:
Option A: Install the Patch (Recommended If Drive Has Free Space)
Install KB5095093 manually:
- Open Settings → Windows Update → Advanced options → Optional updates.
- Locate KB5095093 and select it.
- Click Download & install, then restart when prompted.
- After rebooting, re-run the storage check using Method 2 above to confirm the WAL file has been compacted to a normal size.
If you'd rather wait, the July 14, 2026 Patch Tuesday cumulative update will deploy the same fix automatically.
Option B: Emergency Safe Mode Workaround (Drive Already Full)
When Windows Update can't run because the drive has zero free space, you have to manually remove the oversized WAL file. The community-vetted procedure — confirmed as the accepted answer on the Microsoft Q&A thread — requires booting into Safe Mode so the camsvc service doesn't restart automatically during the process. Community contributor Stephen Murphy's critical warning in the Q&A thread: the camsvc service must be fully stopped before you delete the file; removing it while the service is running can cause a database state mismatch that breaks Wi-Fi and other dependent subsystems. Stopping the service when the file is 100GB or larger can take up to 20 minutes — don't interrupt this step.
- Open Settings → System → Recovery and click Restart now under Advanced startup, or hold Shift while clicking Restart from the Start menu.
- From the recovery menu, choose Troubleshoot → Advanced options → Startup Settings → Restart, then press F4 to boot into Safe Mode.
- Once in Safe Mode, open an elevated Command Prompt and stop the service:
Wait for confirmation that the service has stopped. If the WAL file is very large, this may take several minutes.sc stop camsvc - Navigate to
C:\ProgramData\Microsoft\Windows\CapabilityAccessManager\using File Explorer (in Safe Mode, you may need to enable "Show hidden and system files" in Folder Options) and delete only theCapabilityAccessManager.db-walfile. Do not delete the mainCapabilityAccessManager.dbfile. - Restart normally. Windows will regenerate a fresh, correctly-sized WAL file on next boot.
- Immediately install KB5095093 (or await the July 14, 2026 Patch Tuesday update) to prevent the bug from recurring.
Windows Latest explicitly cautions against casually altering folder ownership or ACL permissions in an active Windows installation — Safe Mode is the safer intervention environment precisely because it prevents camsvc from restarting automatically mid-operation.
Why This Matters for Developers and IT Professionals
For individual home users, a storage-eating bug is a serious irritation. For developers, system administrators, and IT departments, the failure mode is categorically more dangerous. Any machine where Windows Update can't complete due to a full drive is a machine silently falling behind on security patches — accumulating unpatched vulnerabilities for an indefinite period without triggering any visible alert in most patch-management dashboards.
On developer workstations running complex build environments, a sudden loss of hundreds of gigabytes can corrupt in-progress builds, break Docker volume mounts and container image caches, and cause IDE indexing failures that are genuinely hard to diagnose without knowing to look inside a protected system directory. The bug is invisible to the usual first-line diagnostics.
The architectural problem for IT teams is compounding: the file sits inside a protected system folder, so standard storage-monitoring scripts and endpoint management tools that query user-visible directories — or that rely on Windows Storage Sense telemetry — won't flag the anomalous growth. The file doesn't appear in standard Get-ChildItem PowerShell queries run without backup-mode flags. Organizations managing Windows 11 24H2 or 25H2 endpoints at scale should add an elevated robocopy /L /B check for CapabilityAccessManager.db-wal to their device health monitoring pipelines immediately — at minimum until the July 14, 2026 Patch Tuesday update has been confirmed deployed across their entire fleet.
The incident has also re-energized the broader conversation — particularly visible on Reddit and in coverage tagged under microsoft admits windows bug reddit — about quality-control regressions in recent Windows release cycles. Whether microsoft admits windows 11 is bad is too strong a framing is debatable; what isn't debatable is that a permission-logging file silently consuming 570GB over several months represents a meaningful quality-assurance failure, and that Microsoft's formal response consisted of a single line in an optional update's changelog with no root-cause explanation.
Frequently Asked Questions
Is Microsoft admitting Windows 11 is broken?
Microsoft has acknowledged a specific bug through a single line in the KB5095093 patch notes, describing it as an improvement to "disk space usage for the CapabilityAccessManager.db-wal file." The company has stopped short of issuing a formal incident report or adding the issue to its Windows Known Issues Dashboard. Whether that constitutes admitting Windows 11 is broadly broken depends on your framing, but the bug itself — a system file growing to 570GB undetected — is an objectively serious regression.
Which versions of Windows 11 are affected?
Windows 11 24H2 (OS build 26100) and 25H2 (OS build 26200) are the confirmed affected versions. Windows 10 is not reported to be affected. Not every Windows 11 24H2 or 25H2 machine will exhibit the bug — the growth rate is influenced by how many background apps on a given system poll location and permission APIs.
What is the official fix, and when does it arrive automatically?
The fix is included in optional update KB5095093, released June 23, 2026. It will be incorporated into the mandatory July 14, 2026 Patch Tuesday cumulative update, which installs automatically for users on standard Windows Update settings.
Can I safely delete the CapabilityAccessManager.db-wal file?
Yes, but only after stopping the camsvc service and only in Safe Mode — and you must delete only the .db-wal file, not the main .db database. Deleting the file while the service is running, or deleting the main database, can break Wi-Fi and other privacy-permission-dependent features. After deletion and a normal reboot, Windows regenerates a clean WAL file automatically.
Will this bug come back after installing KB5095093?
The update is described by Microsoft as fixing the underlying WAL compaction mechanism, so the checkpointing process should resume working correctly after the patch. That said, because Microsoft hasn't published a technical root-cause analysis, independent observers can't fully confirm whether the same architectural flaw could resurface in a later update. Monitoring the file size periodically after patching is a reasonable precaution.
How do I check file size without admin access?
You can't reliably check the file size without elevated privileges because the folder is access-protected. The closest proxy available to standard users is the Settings → System → Storage → System & Reserved → System files view, which will show an inflated total if the bug is present — though it doesn't name the specific file responsible.
Key Takeaways
- The bug: A write-ahead log file for Windows 11's Capability Access Manager (
CapabilityAccessManager.db-wal) fails to compact, growing from a normal ~2MB to as much as 570GB on affected systems. - Root cause: Background app permission requests — especially location and Wi-Fi checks — generate continuous log entries that are never checkpointed back into the main database, likely due to a regression introduced in an early 2026 Windows update.
- Affected versions: Windows 11 24H2 (build 26100) and Windows 11 25H2 (build 26200); Windows 10 is not affected; not all Windows 11 machines exhibit the bug.
- Official fix: Optional update KB5095093 (released June 23, 2026) contains the fix; the July 14, 2026 Patch Tuesday update will deploy it automatically.
- Microsoft's disclosure: Limited to a single line in the KB5095093 changelog — no Known Issues Dashboard entry, no post-incident report, no public root-cause explanation.
- How to check: Settings → Storage → System files shows inflated totals; a
robocopy /L /Bdry-run scan from an elevated prompt confirms the exact file size without altering permissions. - Emergency workaround: Boot into Safe Mode, stop the
camsvcservice (allow up to 20 minutes on large files), delete only the.db-walfile (not the main.db), reboot normally, then apply KB5095093. - Risk for IT teams: Affected machines cannot install security patches, creating a silent compliance gap that standard monitoring tools relying on user-visible directory queries will not detect without elevated backup-mode access.
What Comes Next
The July 14, 2026 Patch Tuesday cumulative update is the expected vehicle for broad automatic remediation, and for most Windows 11 users on managed or consumer Windows Update channels, the fix should arrive without any manual intervention. Machines that are already storage-starved, though, can't afford to wait — those systems need the Safe Mode workaround before they can accept any update at all. Microsoft's silence on root-cause analysis leaves open the question of whether the same WAL-compaction failure could be triggered again by a future update, or whether similar permission-logging subsystems elsewhere in Windows carry analogous architectural risk.
Independent outlets including gHacks, Windows Latest, and Neowin will be watching whether Microsoft eventually publishes a proper post-incident report, and whether any changes to the Windows Known Issues Dashboard process would surface bugs of this severity faster than the months of community-driven diagnosis this one ultimately required. For now, the action is straightforward: check your system today using the methods above, install KB5095093 if you haven't already, and — if you manage Windows 11 endpoints at scale — add the WAL file check to your device health monitoring pipeline before the July 14, 2026 Patch Tuesday update confirms full fleet deployment.
Topics
Comments(0)
No comments yet. Be the first to share your thoughts.
Join the conversation
Your email stays private and comments are reviewed before appearing.


