Installing apps from unknown sources on Xiaomi Mi 9 is one of the most common causes of infection of a smartphone with viruses, spyware or advertising software. APK-A file, accidental click on a fake link, or a vulnerability in a third-party installer can lead to data compromise. In this article, we will discuss all ways to block the installation of unverified applications, including hidden settings. MIUI Google Play Protect tools.
The Xiaomi Mi 9 (codenamed cepheus) feature is that the manufacturer has added additional layers of protection on top of the standard Android 9/10 features.This means that simply disabling the option in the security settings is not enough β you need to take into account the operation of MIUI services such as Security App and Mi Cloud.
Why is it important to ban installations from unknown sources?
According to Kaspersky, the 2023 year-over 60% Mobile viruses are spread through APK-files downloaded outside of Google Play, while Xiaomi is in the top-5 brands whose devices are most often targeted for attacks:
- π Open architecture. MIUI, plug-in;
- π Popularity in regions where users are actively using third-party app stores (such as APKPure or Aptoide);
- π± Pre-installed services that may request installation permission APK (For example, Mi Browser or Mi Video).
Even if you donβt install apps from unverified sources, attackers can exploit vulnerabilities in your browser or messengers (such as phishing links in Telegram) to force the system to download and install malicious APK automatically.
Method 1: Disconnection through basic security settings
The most obvious method is to use the standard Android menu, but in MIUI, the path to these settings may be different from the "pure" Android.
- Open Settings (the gear icon on the main screen).
- Go to the Appendix section β Application management.
- Click on the three dots in the top right corner and select Special Access.
- Slip on the item Install unknown applications.
Here you will see a list of all the apps that are allowed to install APK. By default, this list may include:
- π File manager (MIUI File Explorer);
- π Browser (Mi Browser or Chrome);
- π¬ Telegram, WhatsApp (if downloaded) APK through).
To completely disable installation, turn off the sliders in front of each application. Note: some system services (such as Package Installer) cannot be disabled - this is normal.
Is the settings "Install unknown applications" open?
Are permissions disabled for all apps on the list?
Is Google Play Protect status verified?
Is the OS updated to the latest version?
-->
Method 2: Use Google Play Protect to protect you
Google Play Protect is a built-in antivirus scanner that checks all apps installed, even if they are downloaded from third-party sources. On the Xiaomi Mi 9, it works in tandem with MIUI Security, but its settings are often ignored. To activate maximum protection:
- Open the Google Play Store.
- Slip on the profile avatar in the upper right corner.
- Select Play Protect β Settings (cog icon).
- Turn on the options: π Scan the device for threats; π‘οΈ Improved security controls (if available).
Play Protect will block the installation of suspicious APKs before they are launched, but this does not replace disabling unknown sources, since the scanner can miss fresh threats that have not yet been added to Googleβs database.
π‘
If Play Protect detects a threat but cannot remove it, restart your phone in Safe Mode (hold the power button β Safe Mode) and manually uninstall the suspicious app.
Method 3: Blocking through MIUI Security (built-in antivirus)
Xiaomi has integrated its own security tool, the Security app, into the firmware, which not only scans the system, but can also restrict the installation of APKs.
- Open the Security app (if it isnβt on the home screen, search through search).
- Go to the Security tab (or Security in English).
- Slip on Settings (cog in the corner) β Application privileges.
- Find the Install Unknown Applications and disable it.
In some versions of MIUI (e.g. MIUI 12.5 and later), this item may be called Special Permissions β Install Unknown Apps. If you do not have an option, update the Security app via Google Play.
β οΈ Note: After disabling this option, some system updates (such as Mi Camera or Mi Video patches) may be delayed.This is normal β Xiaomi first checks them through official channels.
Method 4: Edit build.prop (for power users)
If you're willing to take drastic measures, you can edit the build.prop system file that manages Android permissions, a method that requires root rights and can lead to unstable device performance if executed incorrectly.
Instructions:
- Install a file manager with root support (such as Root Explorer).
- Go to /system/build.prop.
- Find ro.secure=1 (if not, add it to the end of the file).
- Save the changes and restart the device.
- Lock down the installers. APK: π« Remove or disable applications like APK Installer or Package Installer; π§ Use it. ADB, To ban installation globally: adb shell settings put global install_non_market_apps 0
If you are transferring your phone to another person (such as a child or colleague), create a separate user profile with limited rights:
- Go to Settings β System β Additional β Multiple users.
- Create a new user and assign them a limited profile role.
- In the profile settings, disable access to Security Settings and Application Installation.
If you use custom firmware (for example, LineageOS), these settings may not be available at all β in this case, you need to configure the lock via ADB or build.prop.