This bit of FUD is absolutely not true. A few months ago, a vulnerability was announced in a hardware firewall product. I forget which company made them, but could probably look it up if you really want to know. There was an estimated population of about 50000 or so of these devices on the entire internet. An attack was launched against the vulnerability a few days later. Within 5 or 6 hours of the attack starting, it is believed that every one of these firewalls that had not been patched was hacked by the worm.
Keep in mind that this type of target is not the low-hanging fruit of your average computer illiterate windows user.* The people using these things were at least savvy enough to know that they needed a hardware firewall product in addition to their cable modems, routers and whatever. Yet the entire community of these devices was hacked and breached within hours.
Using your logic, the attack would never have happened because the target was so terribly small when compared against most other popular targets on the internet.
The reason MACs and Linux/Unix systems aren't hacked as often as windows machines is not merely the raw number of windows users. The biggest factor in the equation is that windows is so easy to subvert. Windows users can go quite a ways in protecting themselves from adware, spyware, and other stuff that has become so common just by using a different browser - any browser- other than Internet Explorer.
Also, even though Apache runs the vast majority of websites, it is still not the primary target of internet worms, viruses, and malware. That dubious honor goes to microsoft's IIS product. Hmmm....
* I'm not saying that all windows users are computer illiterate. It's just that the sheer number of them makes for a larger population of clueless users than just about any other operating system.