While one would hope that most people are wise enough not to open random files sent to them, Microsoft has issued a warning to anyone using Excel regarding a newly discovered vulnerability. The flaw, present in all versions of Excel from 2000 to 2007, including the standalone Excel viewers and Mac versions, could result in remote code execution. It requires user intervention at least in one point, so if you don't open a compromised file you can't be affected by it.
Microsoft outlined scenarios in where it could be easy to become infected, for example, a website that automatically prompts the download of an Excel file. Like most Office security flaws, as long as you don't go opening random files you don't have much to worry about.