How to disable installation from unknown sources on Xiaomi

Modern Xiaomi and Redmi smartphones, which run MIUI shells or the new HyperOS, have advanced anti-malware protection mechanisms. However, frequent requests for downloading files from the Internet require the user to pay attention to security settings. One key setting that often remains open after the first installation of a third-party application is permission to install from unknown sources.

Ignoring this setting can lead to the fact that any browser or messenger will be able to silently download and run APK-In this article, we will discuss how to find this option in the depths of the system menu, how to restrict the rights of specific applications and why the standard one-click switch in new versions of Android no longer exists.

You don't have to be a mobile security expert to secure your device, but you just need to do a few things that are described below, and take full control of what's installed on your phone, and we'll look at both standard methods through settings and hidden options for advanced users.

The evolution of security in Android and MIUI

Older versions of the Android operating system had a global switchboard that completely banned or allowed apps not from Google Play. This was convenient but not secure, since one infected application could use this access to install viruses. Starting with Android 8.0 Oreo, Google changed the security architecture by implementing a permission model for each individual application.

Xiaomi in its shells MIUI And HyperOS went a step further, and it introduced dual controls, even if you let the browser install. APK-Files, the system will run additional verification through the service MIUI This creates an additional barrier that often scares newcomers, but is critical to protecting personal data.

Understanding this evolution is important, because many users are looking for an old switch in the menu and can't find it, and today we're not working with a global system setup, but with granular access rights for each installation source.

โš ๏ธ Attention: In new versions MIUI 14 and HyperOS 1.0, the path to settings may vary slightly depending on the firmware region (Global, China, EEA). If you do not find a paragraph in the specified place, use the search by settings.

The system architecture of modern smartphones is designed so that no application can change system files or install other programs without the explicit, one-time or permanent permission of the user, a fundamental principle that cannot be circumvented by simple methods without violating the integrity of the system.

The quickest way to find the option you need in Xiaomiโ€™s confusing menu is to use the built-in search engine.The depth of the menu nesting in the latest versions of the shell sometimes baffles even power users, so using search saves time and nerves.

To do this, open the Settings app and find the search bar (magnifying glass) at the top of the screen, type in "unknown" or "special" and the system will prompt you to go to the desired section, which is especially true if you have an advanced settings mode.

  • ๐Ÿ” Click on the magnifying glass icon at the top of the settings screen.
  • ๐Ÿ“ Enter the phrase "Unknown sources" without quotes.
  • ๐Ÿ‘† Select โ€œInstall Unknown Appsโ€ in the search results.

After clicking on the search link, you will be placed in a list of all the apps that have ever tried to install. APK-The file, or the theoretical ability to do so, is where the permission management takes place.

๐Ÿ“Š How You Usually Look for Settings on Xiaomi?
Through Search in Settings
I'm manually flipping through the menu.
Google the way online
I use a voice assistant.

Disabling rights for specific applications

Unlike older versions of Android, we don't turn off the feature globally here. We have to go through the list of apps and make sure that none of them are active permissions, most often browsers (Chrome, Yandex), file managers (File Manager) and instant messengers (Telegram, WhatsApp).

Go to the list "Install Unknown Applications." You'll see a list of programs. Click on each application that has the status "Allowed." In the window that opens, just turn the switch to the position "Off" (gray).

โ˜‘๏ธ Verification of source applications

Done: 0 / 5

Special attention should be paid to the application MIUI Downloads and system Package Installer. Sometimes after updating the firmware rights can be reset or, conversely, be granted automatically.

If you use third-party app stores, such as GetApps ( Xiaomiโ€™s own store) or RuStore, they may also need access to work properly. APK-file.

Configure through the menu "Special features"

Sometimes direct search doesn't work, or the menu interface is changed by the manufacturer, so you can use the classic way through the special features section, which works on most Redmi and Poco devices.

Follow the path: Settings โ†’ Applications โ†’ Application Management. In the upper right corner, click on the three dots (menu) and select Special App Access. In the list that opens, look for โ€œInstall Unknown Appsโ€.

ParameterDefault valueRecommended valueSafety impact
Chrome/BrowserPermitted (often)Forbidden.High (main attack vector)
TelegramRequests during installationForbidden.Average (risk of downloaded files)
ConductorDepends on the version.Forbidden.High (access to all files)
GetAppsPermitted.As you wish.Low (official store)

This is a way to see the full picture of access rights, and if you see an application that you don't use, but it has permission to install programs, you might want to consider removing or blocking it.

Why can the list of applications be empty?
If the list is empty, it means that no application currently has an active installation permit. APK-This is the perfect security state, and the system requests permission the first time you try to install a particular file.

Blocking through Developer Mode

For advanced users who want maximum control, there is a hidden developer mode, which can be found additional restrictions regarding installing applications via ADB (Android Debug Bridge) and debugging over USB.

To activate the developer mode, you need to quickly click on the MIUI version number 7 times in the About Phone section, after which a new option will appear in the settings menu "Additional" or "Extended settings".

Inside the developer menu, look for the USB Debugging option and make sure it's turned off if you're not using your phone to debug apps. Also check the USB Installation option, which should be inactive, and this will prevent you from installing apps from your computer without your knowledge.

  • ๐Ÿ›  Activate Developer Mode (7 clicks according to version) MIUI).
  • ๐Ÿ”Œ Find the "Developers" section in the settings.
  • ๐Ÿšซ Turn off the "Debugging by" option USB" and โ€œInstallation through USB".

These measures create layered protections, and even if an attacker gains physical access to an unlocked phone, they will not be able to easily install malware through a computer, as the debugging protocol will be closed.

โš ๏ธ Note: Do not turn on the developer mode and debugging USB This opens up ports for potential attacks when connected to public charging stations or other computers.

Use of antivirus and MIUI Security

The built-in security antivirus from Xiaomi is based on the Avast engines and AVL. It's automatically scanning. APK-files when they are downloaded or before installation. Even if you accidentally allow installation, the system will alert you to the dangers.

It is recommended to run a full system scan regularly, and to do this, open the Security app and click "Security Check." Make sure that the "Confirm When Install" option is enabled in the antivirus settings.

๐Ÿ’ก

Enable Cloud Verification in Xiaomiโ€™s antivirus settings, which will allow you to check the hash amounts of installed files against the database of known viruses in real time, even if the antivirus databases on your phone are not updated.

If the system detects a threat, it blocks the installation, but it is not necessary to rely on the antivirus alone: it may not be aware of new viruses (zero-day threats), so manually disabling installation rights from unknown sources remains the most reliable method.

Also worth noting is Google Play Protect, which runs in the background and scans apps even outside the Play Market Store. Make sure it's active in your Google account settings on your device.

Frequent problems and their solution

Users often experience a situation where settings are reset after a system update or the phone insists on offering to enable the installation from unknown sources, which may be due to the peculiarities of some Chinese firmware versions or the specific behavior of installed applications.

If you notice that permission is turned on by itself, check the list of recently installed applications. Often ad modules or "optimizers" try to get these rights.

In some cases, resetting the settings of source applications (browsers) helps. Go to Settings โ†’ Apps โ†’ All apps โ†’ All applications, find a browser, select Clear โ†’ All data. This will return the factory access settings.

๐Ÿ’ก

The most reliable way to protect yourself is to hold the global ban and only grant temporary permission when needed, taking it back immediately.

Can I completely remove the installation option? APK-file?
It is impossible to completely remove the system component of Package Installer without root rights, since it is part of the Android kernel. However, by denying access to all source applications, you effectively block any installation option except through the official Play Market store or GetApps, which use system privileges.
Why did the MIUI update reappear?
When you upgrade your system in a major way (like MIUI 13 to 14), Android often resets security permissions for security reasons, which is standard behavior, and you need to recheck and disable installation for all applications.
Is it safe to use third-party stores like APKPure?
Using third-party stores requires the permanent right to Install from unknown sources for their application, which increases the risk. If you use such stores, be sure to install an additional antivirus and carefully read reviews of downloaded applications.
What to do if the phone says "Installation blocked by the administrator"?
This means that the device has activated an organization profile or installed applications with administrator rights (such as antivirus or parental control programs).
Does disabling this feature affect widgets and themes?
No, installing themes, widgets and wallpapers through the standard Themes app does not require permission to install unknown applications, since it is a system service with a trusted signature. APK-file.