Nice link, Richard - and 20 minutes is just an average. I was trying to get someone patched mid-MSBlaster (IIRC), and at times that machine was getting taken out in less than 60 seconds after startup
There are some quite interesting 'darknet' or 'network telescope' projects out there watching this problem. They occupy an unused corner of the internet, and just listens to inbound traffic. The network makes no requests, so no legitimate data should be sent to it and inbound traffic is almost completely due to malware looking for computers to infect.
When a new problem hits the internet (the Witty worm in this case) the darknet shows it clearly
The scale and speed at which these worms spread is amazing; this is the Slammer worm 30 minutes after it started to spread
At its peak, the population of infected machines doubled every
8.5 seconds!