On a system with Symantec Endpoint Protection (SEP) 12.1, you experience a Bug Check 0x139 (KERNEL_SECURITY_CHECK_FAILURE) due to teefer.sys (our Symantec CMC Firewall Teefer3 driver).

STACK_TEXT:  
fffff802`57237bd8 fffff802`559e7ee9 : 00000000`00000139 00000000`00000003 fffff802`57237f00 fffff802`57237e58 : nt!KeBugCheckEx
fffff802`57237be0 fffff802`559e8210 : 00000000`00000000 00000000`00000000 00000000`00000000 ffffe000`de310b60 : nt!KiBugCheckDispatch+0x69
fffff802`57237d20 fffff802`559e7434 : 00000000`00000000 00000000`00000000 000001bd`00000000 12b95f0a`00000005 : nt!KiFastFailDispatch+0xd0
fffff802`57237f00 fffff801`886c06a2 : 00000000`57238004 ffff013b`000000a2 01bdeba2`00000014 12b95f0a`00000006 : nt!KiRaiseSecurityCheckFailure+0xf4
fffff802`57238090 fffff801`886c085e : 00000000`00000000 fffff801`886d1350 ffffe000`de7e9bc0 fffff802`572381d9 : Teefer+0x1b2 
fffff802`572380f0 fffff801`886c1026 : ffffe000`df57cfb0 fffff802`572381d9 00000000`000000a2 00000000`00000000 : Teefer+0x8e 
fffff802`57238130 fffff801`886c1599 : 00000000`00000003 00000000`00000000 00000000`00000000 00000000`00000001 : Teefer+0x336 
fffff802`57238220 fffff801`886c2054 : 00000000`00000004 ffffe000`de9eddf0 00000000`00000000 00000000`00000001 : Teefer+0xd9 
fffff802`57238280 fffff801`886c25ae : ffffe000`de7e9bc0 00000000`00000001 ffffe000`00000000 ffffe000`de310b01 : Teefer+0xc4 
fffff802`57238330 fffff801`88291696 : fffff801`000000a2 fffff801`8829d540 fffff802`572384a0 ffffe000`de7e6b70 : Teefer+0x1ee 
fffff802`572383a0 fffff801`8a1c87b8 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff801`8a19e09e : NDIS!NdisMIndicateReceiveNetBufferLists+0x716
fffff802`57238590 fffff801`8a1c80cc : ffffe000`de71a000 fffff802`57238669 00000000`00000001 00000000`00000001 : b57nd60a+0x497b8
fffff802`572385e0 fffff801`8a18b50f : ffffe000`00000001 ffffe000`de71a001 00000000`00000000 00000000`00000000 : b57nd60a+0x490cc
fffff802`572386d0 fffff801`8a1821ac : ffffe000`de71a000 00000000`00000000 00000000`00000000 00000000`00000001 : b57nd60a+0xc50f
fffff802`57238710 fffff801`8a182b46 : ffffe000`dfd6ac20 ffffe000`de71a000 fffff802`57238829 00000000`00000000 : b57nd60a+0x31ac
fffff802`57238760 fffff801`88292e12 : ffffe000`de6c51a0 fffff802`57238829 00000000`00000000 ffffe000`e03056c0 : b57nd60a+0x3b46
fffff802`572387b0 fffff802`558cac60 : 00000000`00000000 ffffe000`dde27080 fffff802`00000002 fffff802`5582458f : NDIS!ndisInterruptDpc+0x1a3
fffff802`57238890 fffff802`558c9fa7 : 00000000`001d3011 00000000`0023b8ae fffff802`55b8b180 00000000`00000002 : nt!KiExecuteAllDpcs+0x1b0
fffff802`572389e0 fffff802`559dfeea : fffff802`55b8b180 fffff802`55b8b180 fffff802`55be3a00 ffffe000`dbd68080 : nt!KiRetireDpcList+0xd7
fffff802`57238c60 00000000`00000000 : fffff802`57239000 fffff802`57233000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a

SEP 12.1 (all versions)

Teefer did not correctly handle double-frees in cleanup code.

This issue was resolved in SEP 14 and backported to SEP 12.1 RU6 MP8.

If you are experiencing this issue with SEP 12.1 RU6 MP7 or lower, if it is not immediately possible to upgrade to SEP 12.1 RU6 MP8 or higher, it is recommended to temporarily revert back to using the Windows Firewall. As disabling the Firewall policy would still leave the Teefer driver enabled, this can only be done by removing the Firewall feature from SEP, by e.g. deploying a new installation package without that feature.