According to SANS, alongside web applications, Office ranks among the biggest security concerns for a variety of reasons. In the latest SANS report, they cite developers using poor coding techniques that leave them open to security flaws, such as with data exchange between a client PC and a remote server. Office was cited as having a 300% increase in vulnerabilities discovered between 2006 and 2007, many of which were due to Microsoft Excel.
The fault isn't just in the software – obviously, at some point users have to make the choice to open documents that might be untrustworthy. User education can only go so far, however. SANS has several reccomendations for protection, though ultimately it is in the development stage of software that determines how secure it is.