Installing applications from unknown sources on the Xiaomi Redmi Note 9 Pro opens the door to potential threats: viruses, spyware and unstable system operation. APK-A file, accidental error or vulnerability in a third-party application can compromise data on the device. In this article, we will discuss how to completely block the ability to install applications from the outside, including hidden settings. MIUI, often overlooked.
The Redmi Note 9 Pro (joyeuse/curtana models) has a loophole to install the APK even after the main switch is disabled in the settings. This is due to the MIUI architecture, where some system applications (such as the Browser or Files) can request permissions independently.
Why it is important to disable the installation from unknown sources
The main danger of third-party APKs is not only viruses, but also in:
- π Personal Data Collection: Many βpirateβ or modified apps contain trackers that share information about your activity with third parties.
- πΈ Hidden payments: some APK Substitute payment or subscription details, debiting money without your knowledge.
- π± Incompatibility with MIUI: Applications that are not optimized for Xiaomi can cause overheating, fast battery drain, or conflicts with system services.
- π¨ Device lock: Malware can encrypt files and demand ransom (ransomware).
According to Kaspersky Lab, in 2023 year 38% Mobile threats are spread through third-party APK. At the same time, the Redmi Note 9 Pro enters the top-10 devices most susceptible to attacks due to the popularity of the model and the prevalence of custom firmware.
Method 1: Disconnecting through the basic MIUI settings
The most obvious method is to use built-in security options. However, in MIUI 12/13/14 (depending on the firmware version of your Redmi Note 9 Pro), this path may differ.
- Open Settings (the gear icon on the main screen).
- Go to the Appendix section β Application management.
- Click on the three dots in the top right corner and select Special Access.
- Slip on the item Install unknown applications.
- In the list, select each application (including Browser, Files, Google Chrome) and move the slider to the Prohibit position.
Important: Even after these actions, some system applications (such as Mi Share or GetApps) may retain the right to install APKs.
βοΈ Verification of the deactivation of the installation APK
Method 2: Blocking through the developer settings
If the standard method doesn't work, you'll have to use the developer mode, which is more robust, but it requires caution, because the wrong changes can disrupt the stability of the system.
Activate the Developer Mode:
- Go to Settings. β The phone.
- Tap 7 times on the MIUI version until you become a developer!
- Return to the main Settings menu and open a new section for Additional Settings β For Developers.
Now we block the installation of APK:
- Find the USB Debugging option and turn it off (this will prevent installation via ADB).
- Scroll down to Security and activate Disable Installation via USB.
- Turn on MIUI Checker (if any) β this will add an extra layer of protection.
π‘
Once the installation is disabled from unknown sources, restart the device. Some changes only take effect after the reboot.
Method 3: Use parental control (for additional protection)
If the phone is used by children or inexperienced users, it makes sense to use parental controls, a method that not only blocks APK installation, but also restricts access to dangerous sites.
Setting:
- Open Settings β Google β Parental Controls (Google account required).
- Create a profile for the user and set age limits.
- In the Application Management section, select Block the installation of unknown applications.
- Activate the option Only verified sources in the settings of Google Play Protection.
This works in parallel with MIUI settings, creating dual protection, but keep in mind that parental controls may conflict with some Xiaomi system apps (such as Mi Video or Music).
What if parental control does not save the settings?
Hidden loopholes: what else can APK install on your Redmi Note 9 Pro
Even after disabling all obvious options, there are hidden mechanisms that can bypass the limitations.
| Source of threat | How to block | Notes |
|---|---|---|
| ADB (Android Debug Bridge) | Disable debugging by USB in the developer settings | If USB-debugging is on, APK You can install it from PC even when the settings are blocked |
| Mi Share (File Transfer) | Disable installation in the Mi Share app settings | When APK is transmitted via Mi Share, an installation request may appear |
| GetApps (branded store Xiaomi) | Disable auto-updates and third-party installations in GetApps settings | Sometimes offers APKs from unverified repositories |
| Recovery mode (Recovery) | Set a password for the bootloader (requires unlocking the bootloader) | Recovery can be stitched ZIP-packages, including malicious |
Critical vulnerability: Some versions of MIUI for Redmi Note 9 Pro (especially on firmware before MIUI 12.5) have a bug that allows you to bypass restrictions through file access settings. To close it, go to Settings β Privacy β Special Permissions β Access to files and disable access for all unnecessary applications.
What to do if settings are reset after the MIUI update
After major updates (e.g., from MIUI 12 to MIUI 13), some security settings may be reset, due to Xiaomi reviewing permission policies to avoid automatically enabling the installation from unknown sources:
- Before updating, back up your settings through Settings β Additional β Backup and Reset.
- After the upgrade, donβt connect to Wi-Fi or mobile network until you have checked your security settings.
- Manually re-disable the APK installation via Special Access (see Method 1).
- Check out the Developer section β sometimes new security-related options appear after the update.
π‘
After each MIUI update, be sure to check the security settings. Xiaomi often changes the location of options and can reset user restrictions.
β οΈ Note: If you are using custom recovery (e.g, TWRP), even complete locking in the settings MIUI no-stop ZIP-In this case, the only reliable way to do this is to set a password for the bootloader or return the stock recovery.
Alternative security measures (for advanced users)
If youβre willing to go beyond standard settings, consider these options:
- π Custom core installation with enhanced security: for example, Perseus Kernel for Redmi Note 9 Pro has built-in mechanisms to block unauthorized changes.
- π‘οΈ Magisk modules: App Systemizer module allows you to convert critical applications into system ones, which will complicate their modification.
- π± Activation. MIUI Optimization (Hidden Function): ADB Additional security checks can be included: adb shell settings put global miui_optimization 1
- π Vulnerability scanner: apps like Trume Scanner or Xiaomi Tool V2 Helps to find hidden security gaps.
These methods require an unlocked bootloader and can be unwarranted, and only apply them if you understand the risks.
β οΈ Note: Installing custom cores or modifying system files can cause the device to fail if done incorrectly.Always back up through TWRP Mi Flash Tool before making changes.