Data I have says that 20% of the Internet is vulnerable to this, and that's a huge, huge percentage of the BIND servers, ... no reason why it won't skip to other Unix versions.
In the past 12 to 15 months, attackers have made a massive shift to attack applications. Automated patching started making it harder to find new vulnerable systems, so they went after applications that users are just not patching.