This is foremost a vulnerability in Excel and Google Sheets, like the article concludes, though it warrants workarounds in CSV producers.

Why would these apps go off executing code from a text file? How odd.

Is there a way to tell Excel or Sheets to open a CSV file without executing code?
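One CSV-producer workaround the first comment alludes to, as an added example that is not from the thread or from any spreadsheet vendor: prefix any cell whose first non-blank character would trigger formula parsing with an apostrophe, which Excel and Sheets treat as a force-text marker. The trigger set, the `neutralize_cell`/`write_safe_csv` names and the sample rows are this example's own assumptions.

```python
import csv
import io

# Leading characters that make Excel / Google Sheets parse a cell as a
# formula when the CSV is double-clicked rather than loaded through the
# text-typed Import wizard. Set chosen here as a conservative assumption.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value):
    """Return the cell text, apostrophe-prefixed if it would parse as a formula.

    The apostrophe tells the spreadsheet to keep the cell as literal text.
    Leading spaces are ignored for the check (assumption: some viewers trim
    them before deciding whether a cell is a formula).
    """
    text = "" if value is None else str(value)
    if text.lstrip(" ").startswith(FORMULA_TRIGGERS):
        return "'" + text
    return text


def write_safe_csv(rows):
    """Serialise rows to CSV text with every cell neutralised; returns a str."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample: user-controlled "name" fields exported by a web app.
SAMPLE_ROWS = [
    ["name", "balance"],
    ["Alice", "12.50"],
    ["=1+1", "0"],
    ["-42", "7"],
    ["@SUM(A1:A2)", "1"],
]

if __name__ == "__main__":
    print(write_safe_csv(SAMPLE_ROWS), end="")
```

Note that a legitimately negative value such as `-42` is also prefixed; a producer that knows a column is numeric should skip neutralisation for that column rather than weaken the check for text columns.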



Yes, through the "Import" feature. Excel will in that case allow you to choose what "type" each column in the CSV has (and will not parse text if given the "text" type). The problem is that a lot of users (myself included) will use muscle memory and double-click a CSV file in Windows Explorer rather than opening up Excel and initiating an import.


So why does it not import when opening files?


Because you can create documents with formulas, save them as CSV and open them again. If it did an import when opening, the operation save A -> load A would result in a different result than the file you had when you clicked Save.

Or at least this is the most logical explanation I could find.


So a safe-import could import all columns as text (without interpretation) and offer to parse columns with a predictive input type suggestion.


Agree it is completely absurd to allow formulas in a CSV file, let alone code.

I have never seen a way to disable a full recalculation when Excel opens a CSV file, which beyond the security implications is painful for people like me who keep their calculations on manual because I often have very heavy workbooks open all the time.


My first thought was this dead-simple solution: just pop up a prompt when opening CSVs. "Do you want to run formulas from this CSV file?" No need for complicated import wizards, just a simple yes/no.


"Yes/no/always/always for all files (see settings>blah>foo to change this option)" would seem more user friendly to me, or is that too many options?


Sure. I was just trying to come up with the simplest possible thing as a counter to the author's "it's too hard to fix vulnerabilities in existing spreadsheet programs" assertion. Microsoft and Google could probably bang out a dialog like that in a week if they were motivated.



