UPDATED: The U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT) is warning about a serious flaw in Apple's QuickTime that cold let an attacker gain control of a user's computer. Apple has not yet patched the flaw.

US-CERT issued the warning in a Technical Cyber Security Alert earlier this week.

Don't think the issue could affect you? If you've installed iTunes, think again. The security group warned that both Windows and Mac users are at risk if they've installed the music software, which is used with Apple's wildly popular iPod.

"iTunes installs QuickTime, so any system with iTunes is also vulnerable," US-CERT said in its advisory.

A spokesperson for the computer maker confirmed that it was aware of the problem.

"Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users, and we are looking into this," the spokesperson said.

Reports about the flaw first appeared a week ago. Since then, US-CERT said it has become aware of publicly available exploit code.

The flaw itself specifically deals with how QuickTime handles Real Time Streaming Protocol (RTSP) content. If a user visits a site that includes a poisoned QuickTime file, or opens a maliciously crafted QuickTime file locally, the flaw could allow an attacker to take control of the user's PC.

The Alert also warns that one potential delivery method could be from a user's browser that calls on QuickTime to open a file.

In the absence of a patch from Apple, US-CERT provides a basic recommendation on how to avoid becoming a victim of the QuickTime flaw: Stay away from untrusted QuickTime files.

"Do not open QuickTime files from any untrusted sources, including unsolicited files or links received in email, instant messages, Web forums, or Internet Relay Chat (IRC) channels," US-CERT said in the advisory.

The warning comes as Apple's QuickTime is experiencing a recent rash of attacks.

This article was first published on InternetNews.com. To read the full article, click here.