They update it for two reasons:
(1) they find security breeches in it and have to release patches. Unfortunately for Adobe, they find security holes quite often. Just in the last two years there have been over 200 vulnerabilities found in Flash. What will typically happen is they will find a security breech, release a fix, and somehow the fix will then screw up something else in the program and then cause a "bug" that has to be repaired. Then they release a fix to repair the newly created bug. So it becomes an endless circle. But because of how widely used the program is, it is a common target of attack from cyber-criminals.
(2) they update their program to expand its capabilities as well as incorporate all of the previous "fixes" and this is done via their update. Then the circle starts again with cyber attacks, security holes found, fixes released to repair, bugs created from the fix, patches released to repair those bugs, on and on
HTML5 video is the preferred alternative by a lot of people but not all web developers have moved in that direction.
Here are some alternatives to flash player. You can try to see if they will adequately replace Flash for your needs. But what I would do is disable Adobe Flash player and see if you really need it. You may not even need it. It just depends on your needs. I have not used flash player or java in years. But that doesn't mean you don't need it, just that I don't. So disable it first, see if anything you need stops working, and if it does, then try one of the below alternatives.