Just thinking: If you have a microphone or loudspeaker (especially the small laptop ones that are bloody low quality) and you make a malware that uses them both OVER the audiable range, it simply won't work. Here's why:
There are techniques for data transmission over extremely nasty communication paths.
So, despite the limited utility beyond a proof of concept, I wouldn't discard the ability to transmit audio from one computer to another.
Now, the real stupidity of the news reports is the hippotethical ability to "infect" a computer using this mechanism, and that is complete bullshit.
In order to trigger a security issue, you generally need to write data outside of the intended buffer and, sometimes cause some uncaught error. The resultant error condition makes the target program behave erratically. And thanks to that data you wrote outside of an intended buffer, you can alter the code execution.
Now, let's look at this particular case. This is audio. ¿How do you write outside of a buffer? A longer than expected transmission will just be discarded. Moreover, assuming that it was possible to somewhat cause the audio sampling to write elsewhere, you wouldn't be able to just guarantee the sample values you write to memory, so the likelyhood of writing some predictable code would be infinitesimal.
There is a possibility, actually. Imagine that you had some kind of voice assistant, and a bogus request could trigger a buffer overflow. For example, imagine a poorly written function that returns the day of the week given a date, which doesn´t check the day of the month. So you say "Hey, Siri, is the 98675438967458673458067856347856348756234789563987568456734857438769458764938567458976458989 of February Saturday?"
But of course that precludes the sneaky ultrasound technique, so, again, bullshit
The day of the month example looks very silly, but someone told me that cracking a certain games console involved feeding a stupidly large number to some character in a game, like writing it on a blackboard or something. That triggered a buffer overflow.