by 0x0 3775 days ago
It's worse than that. According to https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html any system that performs a DNS lookup may be hit. And it's not hard to cause DNS lookups to happen (think reverse DNS lookups when logging login attempts, hovering a link in an email or webpage, etc):

  - A back of the envelope analysis shows that it should be possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and therefore allow attackers to exploit machines behind such caches.

So even if you trust your local ISP and DNS servers, any random domain on the internet may be resolving to an exploit.

Also, this vulnerability has apparently been around since 2008, and sitting in public view on the bugtracker for many months. Who knows who else has been sitting quietly on this for however long? :-/