Are there any release notes for the new RU4a package. What is the current migration route does it need to be installed on top of 12.1 RU4 or can it be directly upgraded over other versions?

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140213_00 

Hi

It can be directly upgraded to latest version i.e. SEP 12.1.4a

Regards

Release Updates (RUx) typically contain a significant number of fixes and may include feature-work or enhancements.  The current Release Update is considered the latest release of the product and is the appropriate version for most customers performing a new install or upgrading from an earlier release or build of the product.

General supported migration paths for Symantec Endpoint Protection Manager (SEPM) / Symantec Endpoint Protection (SEP) - Terminology used in acronyms

The only reason I ask is we saw an issue when upgrading from 12.1 RU3 but we did not see the issue when upgrading another SEPM from 12.1 RU4

12.1 RU4a is the latest... what was the issue?

The schema did not automatically update we had to manually run it

You're not the only one.  The below comment seems to suggest there might be an issue upgrading from RU3.

https://www-secure.symantec.com/connect/blogs/security-advisory-symantec-endpoint-protection-management-vulnerabi#comment-9811901

Do you get the same thing?  Does the SEPM upgrade complete but stay onf the same version number?  I'd be very interested if it's replicable and consistent, as I've got plans to upgrade a RU3 SEPM in the near future.

Even in earlier versions upgrade. I used to run upgrade.bat, just to make sure ..

No we got a failed installation when automatically upgrading but when manually launched no issue

I'm not sure what you mean here.  RU4a is for the SEPM only, the SEP Client remains on RU4, so there should be no "automatic upgrade" option.

Yup, only from manager to mitigate a vulnerability, clients are not affected..only SEPM

When using standard steps to upgrade the SEPM via the menu. We had to run the installation file manually instead of launching it from the upgrade menu that starts when launching setup.exe

So running the MSI worked but running the executable (which in theory only calls the MSI) failed?

Is that correct?

Yes that's correct

Cool, I'll make a note for my planned upgrades.  Thanks!

Out of curiosity, did you grab the SEPM_Inst.log from the failed upgrade attempt to see why it failed?

Unfortunatly I didn't :(