No, you dont need to deploy patch 4.
Installing the management capabilities on ePO does not force you to install the newer patch at the endpoint it just prepares ePO to be able to manage endpoints where the patch is installed.
To upgrade the ePO capabilities you just need to install the P4 extensions to ePO, which normally will add some tables or columns to SQL and some more report templates and UI updates :)
If you do want to upgrade your endpoints you would also need to check-in the product update into your master repository and maybe edit your client update tasks.
Certified McAfee Product Specialist - ePO
Thanks alot for the reply